NetworkingNexus.net

Bedep’s DGA: Trading Foreign Exchange for Malware Domains

As initially researched by Trend Micro [1] [2], Zscaler [1] [2], Cyphort, and Malware don’t need Coffee, the Bedep malware family focuses on ad / click fraud and the downloading of additional malware. ASERT’s first sample dates from September 22, 2014, which is in line with when Trend Micro started seeing it in their telemetry. In early 2015, the family got some more attention when it was being observed as the malware payload for some instances of the Angler exploit kit, leveraging the Adobe Flash Player exploit (CVE-2015-0311) which at the time was a 0day. It was also observed that this newer version was using a domain generation algorithm (DGA) to generate its command and control (C2) domain names.

This post provides some additional notes on the DGA including a proof of concept Python implementation, a look at the two most recent sets of DGA generated domains, and concludes with some sinkhole data.

Samples

The following Bedep samples were used for this research:

MD5 e5e72baff4fab6ea6a1fcac467dc4351
MD5 1b84a502034f7422e40944b1a3d71f29

The former was originally sourced from KernelMode.

Algorithm

I’ve posted a proof of concept (read: works for me) Python implementation of the DGA to ASERT’s Github.

At the time of Continue reading

Qualcomm looking to fast-track Snapdragon 820 with help from Samsung

A plan by Qualcomm to get Samsung Electronics to make its Snapdragon 820 chip could lead to faster smartphones, offering longer battery life by early next year.The chip company will get its top-line device manufactured in factories belonging to Samsung, according to a news report by Re/code. The South Korean company will make the Snapdragon 820 chip using the 14-nanometer process, which will also be used to make Apple’s next A9 chip.The Snapdragon 820 chip was announced last month at Mobile World Congress and is expected to start shipping later this year. Qualcomm hasn’t shared information about where it will be manufactured, but Samsung’s 14-nm process will provide big performance and power advantages over current Snapdragon chips.To read this article in full or to leave a comment, please click here

Qualcomm looking to fast-track Snapdragon 820 with help from Samsung

Intel and Ericsson Deepen Ties in Managed Security Services

Another partnership between the two giants, this time targeting telco-managed security.

Using the POX SDN controller

In this tutorial, we will demonstrate basic software-defined networking (SDN) concepts using the POX SDN controller, POX components, and the Mininet network simulator.

Pox-050b

We will show how to use the POX SDN controller to create software defined networks that can be used to forward packets from one host to another and create flows on the SDN switches in the network. We will use the Mininet network simulator to create the network of emulated SDN switches and hosts that will be controlled by the POX SDN controller.

About Mininet

Mininet is an open-source network simulator designed to support research and education in the topic of software defined networks. If you are not already familiar with Mininet, you should review the following posts before starting this tutorial:

More information about Mininet is available at the Mininet web site.

About POX

POX provides a framework for communicating with SDN switches using either the OpenFlow or OVSDB protocol. Developers can use POX to create an SDN controller using the Python programming language. It is a popular tool for teaching about and researching software defined networks and Continue reading

Pushdo spamming botnet gains strength again

Computers in more than 50 countries are infected with a new version of Pushdo, a spamming botnet that has been around since 2007 and survived several attempts to shut it down.At one time, Pushdo-infected computers sent as many as 7.7 billion spam messages per day. Security analysts have tried to kill it four times by commandeering its infrastructure, but a new version of the malware has emerged once again, with high concentrations of infections in countries such as India, Indonesia, Turkey and Vietnam.“Pushdo was very successful in what it did, so coming up with various revisions or versions of it makes a lot of sense for the bad guys,” said Mike Buratowski, vice president of cybersecurity services at Fidelis Cybersecurity, based in Austin, Texas.To read this article in full or to leave a comment, please click here

Great customer experience is an elusive goal

Every company says it wants to provide a top-notch customer experience; how many actually do is another matter.To wit: Although improving the customer experience is a strategic priority at a full 73 percent of businesses surveyed for a new Forrester Research report released Monday, only 1 percent of companies currently deliver an excellent experience, the study found.That’s a problem, Forrester says, because customer experience (sometimes called CX) has become a more strategic imperative than ever.“Growth is now the top priority for business leaders, and to achieve that you have to improve customer experience,” said Kyle McNabb, a vice president of research strategy with Forrester. “Traditionally we’ve all worked toward metrics like ROI, but now the metric is impact on experience.”To read this article in full or to leave a comment, please click here

IBM sales dip 12 percent despite lift from new mainframe

IBM reported a 12 percent drop in revenue for the last quarter despite a big boost from its new z13 mainframe, which went on sale last month.Revenue for the quarter ended March 31 was $19.6 billion, with profit down 5 percent to $2.4 billion, IBM announced Monday.Two-thirds of the company’s business comes from overseas, and the strong U.S. dollar weighed on its results. Without the currency impact, and adjusting for businesses that IBM recently sold off, revenue would have been flat from a year ago, CFO Martin Schroeter said on IBM’s earnings call.Like its rival Hewlett-Packard, IBM has been watching its business shrink for several quarters as customers spend less on expensive hardware and IT services and devote more to cloud computing and mobile.To read this article in full or to leave a comment, please click here

VMware prepares its virtualization stack for Docker

VMware may have pioneered enterprise virtualization, but until Monday it had been relatively quiet when it comes to Docker containers, the popular lightweight form of application virtualization.Now it’s addressing the market for Docker with two open source software packages that will allow its customers to more easily deploy containers in their existing VMware infrastructure.The company has released a Linux distribution, called Project Photon, which was designed to run within a VMware virtual machine hypervisor and contains only the barest essentials that an operating system would need for running containers. The company has also released access management software, called Project Lightwave, that gives system administrators a way to control the access to their containers.To read this article in full or to leave a comment, please click here

Are you ready for Google’s ‘Mobilegeddon’ on Tuesday?

Google said in February that it was going to make mobile-friendliness matter more to its search-engine rankings. On Tuesday, it makes good on that commitment—and webmasters who didn’t heed the warning may see a steep drop in traffic.It’s a shift so potentially fraught with peril for those who aren’t ready that it’s being called “Mobilegeddon.” Essentially, Google is expanding its use of mobile-friendliness as a ranking signal when it compiles search results. Sites that are mobile-friendly will be ranked higher in search results; those that aren’t will suffer.To read this article in full or to leave a comment, please click here

Nokia wants back into the mobile phone business?

Nokia sold off its mobile phone business to Microsoft last fall, but now one of Nokia's remaining business units is eyeing a return to the consumer mobile phone market next year.Nokia Technologies, which controls thousands of technology patents, plans to re-enter the mobile phone market in 2016, according to unnamed sources cited by Re/code.Such plans would be ambitious, especially given the super-competitive global smartphone and feature phone market. It isn't clear precisely what Nokia Technologies is up to, and at least two analysts are skeptical it will work.To read this article in full or to leave a comment, please click here

VMware just created its first Linux OS, and it’s container-friendly

VMware Monday announced its first operating system, and it’s designed to run containers inside the company’s virtualization management software. In announcing the Linux OS, named Project Photon, VMware is attempting to convince users who are curious about using containers that they can do so while still using the company’s software. + MORE FROM NETWORK WORLD: Will containers kill the virtual machine? + VMware As container technology has gained popularity in recent months there’s been a debate in the cloud computing and virtualization market about whether it is best to run containers on bare metal, meaning without a hypervisor, or in virtual machines. If containers run on bare metal, it could remove the need for VMware’s virtualization software.To read this article in full or to leave a comment, please click here

Live streaming apps pose legal risks for users

Live video is messy. It’s raw, unedited, and with new mobile apps, it’s now capable of capturing many more people who aren’t aware they’re being recorded. And in some cases, that can add up to legal problems. Meerkat and Periscope aren’t the first tools to offer live-streaming capabilties, but they have captured attention due in large part to the ease with which they allow video to be recorded on the fly, from a smartphone, and shared publicly on Twitter. Twitter owns Periscope, while Meerkat is the indie player, a breakout hit at this year’s South by Southwest technology festival in Austin, Texas. And both are positioned to spawn a crop of disputes, and even lawsuits, around alleged privacy violations or copyright infringement.To read this article in full or to leave a comment, please click here

Our Top Session Picks for RSA Conference 2015

Juniper, DevOps, and RSA itself — it's a packed week at the annual security confab.

PQ 48 – Multi-Tenant DC with ALE & NEC – Sponsored

Subash Bohra from Alcatel Lucent Enterprise and Toshal Dudwhala from NEC America join Packet Pushers Greg Ferro & Ethan Banks in a discussion about SDN in the data center.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

The post PQ 48 – Multi-Tenant DC with ALE & NEC – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.

Why the journey to IPv6 is still the road less traveled

The writing’s on the wall about the short supply of IPv4 addresses, and IPv6 has been around since 1999. Then why does the new protocol still make up just a fraction of the Internet?Though IPv6 is finished technology that works, rolling it out may be either a simple process or a complicated and risky one, depending on what role you play on the Internet. And the rewards for doing so aren’t always obvious. For one thing, making your site or service available via IPv6 only helps the relatively small number of users who are already set up with the protocol, creating a nagging chicken-and-egg problem.The new protocol, which is expected to provide more addresses than users will ever need, has made deep inroads at some big Internet companies and service providers, especially mobile operators. Yet it still drives less than 10 percent of the world’s traffic. This is despite evidence that migrating to IPv6 can simplify networks and even speed up the Web experience.To read this article in full or to leave a comment, please click here

Why the journey to IPv6 is still the road less traveled

Want to be open to all direct messages? Twitter will let you

As part of Twitter’s larger push to give more people a reason to use its service, it is changing its direct messaging function to let users receive missives from people they don’t follow.Previously, users could only send the private, direct messages to those who followed them. By letting more users message each other privately, Twitter hopes to more strongly compete against messaging apps WhatsApp, with roughly 800 million monthly users, and Facebook Messenger with 600 million users who log in monthly. Twitter had 288 million users as of the end of last year.Importantly for those who worry about spam and abuse, Twitter is letting would-be recipients of the DMs decide if they want to change their account settings to accept direct messages from people they do not follow. A new direct message button will appear on the profiles of people who turn this on.To read this article in full or to leave a comment, please click here

« Previous 1 … 3,538 3,539 3,540 3,541 3,542 … 3,849 Next »