0

HelloKitty: The Victim’s Perspective

In the past few months, we have witnessed several indiscriminate attacks targeting big companies. Whereas years ago different threat actors focused on specific sectors, nowadays the same techniques, tactics, and procedures (e.g., how the perimeter is penetrated, which tools are used for lateral movement) are consistently applied regardless of company size, location, or industry. Target selection is much more dependent on an organization’s IT infrastructure: for example, recent trends show several actors (among them REvil, HelloKitty, or what was known as Darkside) increasingly targeting companies running workloads on VMware ESXi by adding to their ransomware capabilities to gracefully stop virtual machines before encrypting them (see Figure 1).

Another important trend we have seen growing in the last few months is the use of ransomware to seize sensitive customer data — first by exfiltrating it, then encrypting it, and later pressuring the victim into paying a ransom under the threat of disclosing such data publicly (a technique called “double extortion”). Notable victims include CD Projekt RED, which faced the leak of the source code of some of its most famous video games.

While many threat reports have already dissected the technical Continue reading

0

netlab Overview

In December 2020, I got sick-and-tired of handcrafting Vagrantfiles and decided to write a tool that would, given a target networking lab topology in a text file, produce the corresponding Vagrantfile for my favorite environment (libvirt on Ubuntu). Nine months later, that idea turned into a pretty comprehensive tool targeting networking engineers who like to work with CLI and text-based configuration files. If you happen to be of the GUI/mouse persuasion, please stop reading; this tool is not for you.

During those nine months, I slowly addressed most of the challenges I always had creating networking labs. Here’s how I would typically approach testing a novel technology or software feature:

0

netsim-tools Overview

In December 2020, I got sick-and-tired of handcrafting Vagrantfiles and decided to write a tool that would, given a target networking lab topology in a text file, produce the corresponding Vagrantfile for my favorite environment (libvirt on Ubuntu). Nine months later, that idea turned into a pretty comprehensive tool targeting networking engineers who like to work with CLI and text-based configuration files. If you happen to be of the GUI/mouse persuasion, please stop reading; this tool is not for you.

During those nine months, I slowly addressed most of the challenges I always had creating networking labs. Here’s how I would typically approach testing a novel technology or software feature:

0

The Edge Is Just A Massive, Geographically Distributed Cluster

Sponsored If you have a hundred or a thousand machines that you want to work in concert to run a simulation or a model or a machine learning training workload that cannot physically be done by any one single machine, you build a distributed systems cluster and there are all kinds of known tools to manage the underlying server nodes, to create the overarching computing environment, and to then carve it up into pieces to push work through it. …

The Edge Is Just A Massive, Geographically Distributed Cluster was written by Timothy Prickett Morgan at The Next Platform.

0

IBM intros new generation of IBM Power servers

IBM is keeping the faith for Unix just like it is for mainframes. It has announced a new Unix-based server, the IBM Power E1080, the first in a family that is based on the POWER10 processor.IBM announced the POWER10 processor last year. Designed on a 7nm process, it is expected to deliver up to a three-fold improvement in capacity and processor energy efficiency within the same power envelope as IBM POWER9.It features a new technology called Memory Inception that supports multi-petabyte memory clusters for massive memory-intensive workloads along with end-to-end memory encryption with quadruple the number of AES encryption engines per core compared to IBM POWER9.To read this article in full, please click here

0

IBM intros new generation of IBM Power servers

IBM is keeping the faith for Unix just like it is for mainframes. It has announced a new Unix-based server, the IBM Power E1080, the first in a family that is based on the POWER10 processor.IBM announced the POWER10 processor last year. Designed on a 7nm process, it is expected to deliver up to a three-fold improvement in capacity and processor energy efficiency within the same power envelope as IBM POWER9.It features a new technology called Memory Inception that supports multi-petabyte memory clusters for massive memory-intensive workloads along with end-to-end memory encryption with quadruple the number of AES encryption engines per core compared to IBM POWER9.To read this article in full, please click here

0

Hedge 99

Two things have been top of mind for those who watch the ‘net and global Internet policy—the increasing number of widespread outages, and the logical and physical centralization of the ‘net. How do these things relate to one another? Alban Kwan joins us to discuss the relationship between centralization and widespread outages. You can read Alban’s article on the topic here.

download

0

Explore VMware’s Modern App Connectivity Services with Amazon EKS-Anywhere

As enterprises accelerate their application modernization journey, there is a stronger need for running applications across multi-cloud environments. Today, AWS announced General Availability of Amazon EKS-Anywhere, expanding the AWS portfolio to support these use cases.

We are thrilled to integrate with and extend EKS by providing secure connectivity services that work cross-cluster and cross-cloud with VMware’s Modern App Connectivity Services. By delivering these capabilities, applications can enjoy the level of resiliency, scalability, and security needed for enterprise-critical applications.

VMware Modern App Connectivity Services accelerate the path to app modernization by extending connectivity and security between EKS and EKS-D, and to other platforms. Built on cloud-native principles, it enables a set of important use cases that automate the process of connecting, observing, scaling, and better-securing applications.

VMware enables EKS customers to leverage connectivity, resiliency, and security capabilities:

1. Application connectivity
   Across both multi-cluster and hybrid clouds, in addition to VM environments.  This enables discoverability and connectivity between distributed microservices across hybrid EKS, EKS-D, and VMware vSphere environments.
2. Application resiliency 
   This enables cluster load balancing level on-prem to communicate with the rest of the customer’s environments both on-prem and on the cloud with this global load balancing solution.
3. Application security
   This enables Continue reading

0

Device Management Issues in Corporate Environments

Remote work, which will remain the norm for the near term, elevates the importance of device management and IT's role in securing user devices.

0

This Is What The Most Powerful Server In The World Looks Like

While we are big fans of distributed computing systems here at The Next Platform, we never forget our heritage in big iron. …

This Is What The Most Powerful Server In The World Looks Like was written by Timothy Prickett Morgan at The Next Platform.

0

Sleeping and waiting on Linux

The Linux sleep and wait commands allow you to run commands at a chosen pace or capture and display the exit status of a task after waiting for it to finish. Sleep simply inserts a timed pause between commands. Wait, on the other hand, waits until a process completes before notifying you that it has finished.Sleep The sleep command pauses for a specified time. It’s generally used in a script, but works on the command line as well. In the example below, sleep pauses a minute between the two date commands.$ date; sleep 60; date Wed Sep 8 12:10:40 PM EDT 2021 Wed Sep 8 12:11:40 PM EDT 2021 Summarizing your command-line usage on Linux The sleep command takes the numeric argument as the number of seconds. You can, however, ask it to sleep for various amounts of time by adding another character to the argument: 1m = 1 minute 2h = 2 hours 3d = 3 days $ date; sleep 1m; date Wed Sep 8 12:16:38 PM EDT 2021 Wed Sep 8 12:17:38 PM EDT 2021 In fact, you can sleep for less than a second if you need.To read this article in full, please click here

0

Sleeping and waiting on Linux

The Linux sleep and wait commands allow you to run commands at a chosen pace or capture and display the exit status of a task after waiting for it to finish. Sleep simply inserts a timed pause between commands. Wait, on the other hand, waits until a process completes before notifying you that it has finished.Sleep The sleep command pauses for a specified time. It’s generally used in a script, but works on the command line as well. In the example below, sleep pauses a minute between the two date commands.$ date; sleep 60; date Wed Sep 8 12:10:40 PM EDT 2021 Wed Sep 8 12:11:40 PM EDT 2021 Summarizing your command-line usage on Linux The sleep command takes the numeric argument as the number of seconds. You can, however, ask it to sleep for various amounts of time by adding another character to the argument: 1m = 1 minute 2h = 2 hours 3d = 3 days $ date; sleep 1m; date Wed Sep 8 12:16:38 PM EDT 2021 Wed Sep 8 12:17:38 PM EDT 2021 In fact, you can sleep for less than a second if you need.To read this article in full, please click here

0

AWS, NetApp team up for a cloud-native file system

Amazon Web Services and NetApp have teamed up to tie NetApp’s on-prem storage and its proprietary OS for storage-disk arrays to AWS’s managed file-storage service, FSx.Called Amazon FSx for NetApp ONTAP, the service provides things like capacity scaling, maintenance, and updates so on-prem staff doesn’t have to. Performance management with automatic tiering between local storage and fully elastic AWS storage is provided by AWS as well. Learn about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space This is not a new area for AWS, which offers two similar services for Windows File Server and the Lustre HPC file-storage system. FSx for Windows File Server is a native Windows file system that offers Windows file storage in the cloud, while FSx for Lustre offers scalable, high-performance storage for HPC applications.To read this article in full, please click here

0

AWS, NetApp team up for a cloud-native file system

Amazon Web Services and NetApp have teamed up to tie NetApp’s on-prem storage and its proprietary OS for storage-disk arrays to AWS’s managed file-storage service, FSx.Called Amazon FSx for NetApp ONTAP, the service provides things like capacity scaling, maintenance, and updates so on-prem staff doesn’t have to. Performance management with automatic tiering between local storage and fully elastic AWS storage is provided by AWS as well. Learn about backup and recovery: Backup vs. archive: Why it’s important to know the difference How to pick an off-site data-backup method Tape vs. disk storage: Why isn’t tape dead yet? The correct levels of backup save time, bandwidth, space This is not a new area for AWS, which offers two similar services for Windows File Server and the Lustre HPC file-storage system. FSx for Windows File Server is a native Windows file system that offers Windows file storage in the cloud, while FSx for Lustre offers scalable, high-performance storage for HPC applications.To read this article in full, please click here

0

Day Two Cloud 114: Successfully Transitioning From A Tech Role To Management

Today's Day Two Cloud podcast topic is about moving from a tech role into management. Is it a good idea? Why might you want to make the change? How can you do it successfully? We speak with two guests who've made the leap.

0

Day Two Cloud 114: Successfully Transitioning From A Tech Role To Management

Today's Day Two Cloud podcast topic is about moving from a tech role into management. Is it a good idea? Why might you want to make the change? How can you do it successfully? We speak with two guests who've made the leap.

The post Day Two Cloud 114: Successfully Transitioning From A Tech Role To Management appeared first on Packet Pushers.

0

Lenovo Bundles VMware Stack At The Edge

Enterprises and tech vendors alike for the past few years have been talking about the growing importance of the edge in the increasingly distributed IT environment. …

Lenovo Bundles VMware Stack At The Edge was written by Jeffrey Burt at The Next Platform.

0

Introducing: Custom Hostname Analytics

In our last blog, we talked about how Cloudflare can help SaaS providers extend the benefits of our network to their customers. Today, we’re excited to announce that SaaS providers will now be able to give their customers visibility into what happens to their traffic when the customer onboards onto the SaaS provider, and inherently, onto the Cloudflare network.

As a SaaS provider, you want to see the analytics about the traffic bound for your service. Use it to see the global distribution of your customers, or to measure the success of your business. In addition to that, you want to provide the same insights to your individual customers. That’s exactly what Custom Hostname Analytics allows you to do!

The SaaS Setup

Imagine you run a SaaS service for burrito shops, called The Burrito Bot. You have your burrito service set up on shop.theburritobot.com and your customers can use your service either through a subdomain of your zone, i.e. dina.theburritobot.com, or through their own website e.g. burrito.example.com.

When customers onboard to your burrito service, they become fully reliant on you to provide their website with the fastest load time, the Continue reading

0

How Cloudflare helped mitigate the Atlassian Confluence OGNL vulnerability before the PoC was released

On August 25, 2021, Atlassian released a security advisory for their Confluence Server and Data Center. The advisory highlighted an Object-Graph Navigation Language (OGNL) injection that would result in an unauthenticated attacker being able to execute arbitrary code.

A full proof of concept (PoC) of the attack was made available by a security researcher on August 31, 2021. Cloudflare immediately reviewed the PoC and prepared a mitigation rule via an emergency release. The rule, once tested, was deployed on September 1, 2021, at 15:32 UTC with a default action of BLOCK and the following IDs:

• 100400 (for our legacy WAF)
• e8c550810618437c953cf3a969e0b97a (for our new WAF)

All customers using the Cloudflare WAF to protect their self-hosted Confluence applications have automatically been protected since the new rule was deployed last week. Additionally, the Cloudflare WAF started blocking a high number of potentially malicious requests to Confluence applications even before the rule was deployed.

And customers who had deployed Cloudflare Access in front of their Confluence applications were already protected even before the emergency release. Access checks every request made to a protected hostname for a JSON Web Token (JWT) containing a user’s identity. Any unauthenticated users attempting this exploit Continue reading

0

Open-Source DMVPN Alternatives

When I started collecting topics for the September 2021 ipSpace.net Design Clinic one of the subscribers sent me an interesting challenge: are there any open-source alternatives to Cisco’s DMVPN?

I had no idea and posted the question on Twitter, resulting in numerous responses pointing to a half-dozen alternatives. Thanks a million to @MarcelWiget, @FlorianHeigl1, @PacketGeekNet, @DubbelDelta, @Tomm3h, @Joy, @RoganDawes, @Yassers_za, @MeNotYouSharp, @Arko95, @DavidThurm, Brian Faulkner, and several others who chimed in with additional information.

Here’s what I learned: