NetworkingNexus.net

WordPress e-commerce plug-in puts over 5,000 websites at risk

TheCartPress, an e-commerce plug-in used on thousands of WordPress-based websites, has several high-risk vulnerabilities.There are currently no fixes available for the flaws and, according to its developer, support for the plug-in will be discontinued on June 1st.The vulnerabilities could allow attackers to “execute arbitrary PHP code, disclose sensitive data, and perform Cross-Site Scripting [XSS] attacks against users of WordPress installations with the vulnerable plug-in,” researchers from security firm High-Tech Bridge said in an advisory Wednesday.There are factors that limit the exploitation of some of the flaws, but they still pose a significant risk.To read this article in full or to leave a comment, please click here

An introduction to JavaScript-based DDoS

An introduction to JavaScript-based DDoS CloudFlare protects millions of websites from online threats. One of the oldest and most pervasive attacks launched against websites is the Distributed Denial of Service (DDoS) attack. In a typical DDoS attack, an attacker causes a large number of computers to send data to a server, overwhelming its capacity and preventing legitimate users from accessing it.

In recent years, DDoS techniques have become more diversified: attackers are tricking unsuspecting computers into participating in attacks in new and interesting ways. Last year, we saw what was likely the largest attack in history (>400Gbps) performed using NTP reflection. In this attack, the unsuspecting participants were misconfigured NTP servers worldwide. This year, we’re seeing a disturbing new trend: attackers are using malicious JavaScript to trick unsuspecting web users into participating in DDoS attacks.

The total damage that can be caused by a NTP or DNS reflection attack is limited by the number of vulnerable servers. Over time, this number decreases as networks patch their servers, and the maximum size of the attack is capped at the outbound capacity of all the vulnerable servers. For JavaScript-based DDoS, any computer with a browser can be enrolled in the attack, making the potential attack volume nearly Continue reading

PF_RING Deep Dive with Luca Deri on Software Gone Wild

Whenever software switching nerds get together and start discussing the challenges of high-speed x86-based switching, someone inevitably mentions PF_RING, an open-source library that gives you blazingly fast packet processing performance on a Linux server.

I started recording a podcast with Luca Deri, the author of PF_RING, but we diverted into discussing ntopng, Luca’s network monitoring software. We quickly fixed that and recorded another podcast – this time, it’s all about PF_RING, and we discussed these topics:

Why numbering should start at zero?

How does Internet work - We know what is networking

Please note: This has nothing to do with networking in particular! Not if you look from only one perspective. If you look from totally different perspective, with Cisco ACI and all other SDN solutions, you will probably meet with Python programming language (because you will) and then, somewhere in beginning of Python exploration this is the first question that will cross your mind. Of course, if you think like me! Although not directly related to networking, the question bothered me for some time now and the answer is not only really logical when you read it but it is also

Why numbering should start at zero?

Microsoft’s HoloLens adds virtual life to Raspberry Pi 2 gadgets, robots

Microsoft says its HoloLens head-mounted computer can bring robots and gadgets based on Raspberry Pi 2 to life as they are being developed. HoloLens is an augmented-reality headset that lets users interact with 3D objects that show up as floating images, much like holographic projections. By blending computer-generated images with a user's view of the real world, Microsoft wants to change the way we interact with the environment. Microsoft also believes HoloLens can bring a new level of interactivity to enthusiasts making gadgets, robots or appliances using developer boards like the US$35 Raspberry Pi 2. The HoloLens could help makers envision how a gadget would look or how a robot would behave.To read this article in full or to leave a comment, please click here

VCDX-NV Interview: Jason Nash On The Network Virtualization Career Path

Jason Nash is CTO of Varrow, a VMware Partner based out of the Carolinas. Previous to Varrow he was an enterprise architect for Wachovia’s investment bank. Jason has been in enterprise IT almost 20 years and originally started as a network admin working with Cisco gear. He maintains his Cisco CCNA and CCNP certifications. He is one of only a handful of double VCDX professionals, having completed his VCDX-NV last year.

When did you first start looking at network virtualization?

I started looking at network virtualization three to four years ago. I think before that, when it was just purely Nicira and some of those types of companies and projects, network virtualization was really the domain of the PayPals, the eBays, the Googles. Those types of companies. When VMware acquired Nicira, when Cisco did their Insieme spin-in, we started to see that commercial and traditional enterprise customers were going to have some very good options around network virtualization. We started to weigh our options and we really started to get serious about it over the last 18 months. Network virtualization ramps up right alongside our automation or orchestration practices and projects. So we believe that to do those properly, you Continue reading

Sony’s smartphone struggles continue as other areas look up

Sony’s CEO Kazuo Hirai has some difficult decisions to make as consumers continue to shun the company’s smartphones, resulting in continued losses.The company on Thursday reported a net loss of ¥126 billion (US$1.1 billion) for its latest fiscal year, which ended on March 31. Year-on-year, Sony’s revenue increased by 5.8 percent to ¥8.2 trillion.Not surprisingly, Sony’s Mobile Communications unit, which develops the Xperia smartphones, gets part of the blame for another year in the red.The future of the mobile division has been very much up in question since a new head of Sony Mobile Communications was appointed in October last year. Sony has announced layoffs and pulled the plug on the PlayStation Mobile platform, but hasn’t been able to turn around its fortunes.To read this article in full or to leave a comment, please click here

Docker Machine Provisioning on AWS

Next up in the docker machine series of integration posts is spinning up some cloud resources on Amazon EC2. The model is the same as previous docker machine posts, boot a VM running as a Docker host, add your cloud credentials for the provider and use your regular docker client commands on the remote Docker host in Amazon. The docker ... The post Docker Machine Provisioning on AWS appeared first on NetworkStatic | Brent Salisbury's Blog.

...

Using Docker Machine to Provision on Microsoft Azure

Microsoft has done a pretty amazing job with Azure over the years. It has been really cool seeing Microsoft embrace Docker and open source in general like they recently have. This post is a continuation of the series on docker machine provisioning to dev hypervisors, DC infra and cloud providers. If you are new to Azure or don’t have an ... The post Using Docker Machine to Provision on Microsoft Azure appeared first on NetworkStatic | Brent Salisbury's Blog.

...

Normalizing the Cloud with Docker Machine

Docker machine creates a virtual machine running Docker located in an array of locations that I can then create containers and ship workloads to. The locations and types you can provision to range from the who is who of cloud computing, workstation resources and traditional on prem local resources sitting in the average enterprise DC. What I get from using ... The post Normalizing the Cloud with Docker Machine appeared first on NetworkStatic | Brent Salisbury's Blog.

...

Amazon buys ClusterK, a firm that helps users buy cloud capacity cheap

Amazon has acquired ClusterK, a developer of software that helps companies run mission-critical applications on spare cloud compute capacity sold by Amazon Web Services.A spokeswoman for AWS confirmed the acquisition, but did not provide further details.Spot instances are spare Amazon EC2 (Elastic Compute Cloud) instances for which users name their price. The price for the spot instances can vary in real-time depending on demand and supply. The instance will run until the spot price exceeds the bid or the user terminates it.This is in contrast with AWS On-Demand instances that let users pay for compute capacity by the hour without long-term commitments, or Reserved instances, which provide capacity reservation. AWS has positioned spot instances as the option to use when customers have flexibility in when their applications can run.To read this article in full or to leave a comment, please click here

SDxCentral to Carry Free Live Stream of Inaugural NFV World Congress, May 5-8

The first NFV World Congress kicks off next week! SDxCentral will be streaming live from the event so you can learn all about the latest NFV developments, technologies, and real-world applications.

Apple says EC probe could lead to back tax payments

Apple has warned that an European probe into its tax payments in Ireland could lead to the company having to pay disputed past taxes covering up to 10 years.The company said the impact could be “material,” but did not provide an estimate.The European Commission began a probe last year into a tax deal between Ireland and Apple to ascertain whether the taxes the company paid complied with European Union rules on state aid.The investigation would address rulings by Irish tax authorities on the calculation of the taxable profit allocated to the Irish branches of Apple Sales International and of Apple Operations Europe, to find out if the rulings involved state aid that benefited the company.To read this article in full or to leave a comment, please click here

Juniper still challenged in switching

Obscured by Juniper’s solid first quarter results were underwhelming results in its enterprise and switching businesses. Switching was off 13% from the first quarter of 2014, while the company’s enterprise business slumped about 10%.Sequentially, switching was off close to 5% and enterprise was down 2% from the fourth quarter of 2014.Still, Juniper posted a quarter that beat estimates and its own revenue and earnings guidance. The results were due to slightly better demand from cloud, cable and European service providers, and demand for routers among large enterprises, particularly those in the government vertical.To read this article in full or to leave a comment, please click here

Google develops new defense against phishing

Google has developed a new extension for its Chrome browser that aims to stop people from falling prey to phishing sites.The free Password Alert extension stores an encrypted version of a person’s password and warns if it is typed into a site that isn’t a Google sign-in page, according to a blog post on Wednesday. It will then prompt a person to change their password.Although security companies collaborate to detect and blacklist phishing sites, such attacks are commonly used by hackers to capture valuable sign-in details. Phishing sites may only be active for a short time before they’re blacklisted, but it’s still a window of risk.To read this article in full or to leave a comment, please click here

Xiaomi phones still hot in China, but Apple catching up

Xiaomi led China’s smartphone market as its biggest vendor for the third straight quarter. But Apple is closing in, thanks to demand for its iPhone 6 and iPhone 6 Plus, and may even overtake Xiaomi this year.In this year’s first quarter, Xiaomi claimed a 13 percent share, while Apple captured 12 percent, research firm Strategy Analytics said Wednesday. In the first quarter of last year, Apple’s share was 8 percent compared to Xiaomi’s 11 percent.Xiaomi, a maker of inexpensive Android phones, is riding on the success of its Redmi models, which can start at 599 yuan (US$98) when bought without carrier subsidies.But the company’s smartphone shipments have been declining over the past two quarters, Strategy Analytics said. Apple, on the other hand, witnessed booming sales. In the quarter, Apple shipped 13.5 million smartphones to the country, up from 7.8 million units a year ago.To read this article in full or to leave a comment, please click here

What Port Is The Most Targeted in Your Network?

Original Post in Solarwinds Thwack Author donthomas Security is an aspect that every organization should give the utmost priority.

China’s a fast-growing gold mine for Apple

Designed by Apple in California—that nod to its home state has appeared on Apple products for years, but increasingly, Apple’s gadgets are being sold far from its Cupertino headquarters.In the first three months of this year, iPhone sales in China surpassed those in the U.S. for the first time. Also for the first time, China jumped ahead of Europe as Apple’s biggest overall market after the Americas.Can the day be far off when Apple sells more in China than it does at home? The idea isn’t as far fetched as you might think.Thanks to the dominant role the iPhone plays in Apple’s revenue and the considerable untapped demand among China’s burgeoning middle class, sales aren’t showing any signs of stopping.To read this article in full or to leave a comment, please click here

China’s a fast-growing gold mine for Apple

Microsoft’s Nadella sets lofty cloud goals

Less than a week after reporting that Microsoft’s enterprise cloud business is currently on an annual run rate of US$6.3 billion, CEO Satya Nadella says the company’s goal is to increase that figure to $20 billion by fiscal year 2018.“That’s the cloud that we want to build,” he said Wednesday at the company’s briefing for financial analysts during its Build conference in San Francisco. “It’s leading with some of our SaaS applications and having the IaaS, PaaS capability and our servers, which are the edge of our cloud. That’s our vision. That’s why we believe that we get to participate in future growth.”Run rate is simply quarterly revenue presented on an annualized basis. Microsoft’s cloud business includes its Azure platform and cloud versions of Office 365 and Dynamics CRM.To read this article in full or to leave a comment, please click here

« Previous 1 … 3,531 3,532 3,533 3,534 3,535 … 3,861 Next »