Protecting against recently disclosed Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065

Protecting against recently disclosed Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065

Enabling the Cloudflare WAF and Cloudflare Specials ruleset protects against exploitation of unpatched CVEs: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.

Cloudflare has deployed managed rules protecting customers against a series of remotely exploitable vulnerabilities that were recently found in Microsoft Exchange Server. Web Application Firewall customers with the Cloudflare Specials ruleset enabled are automatically protected against CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.

If you are running Exchange Server 2013, 2016, or 2019, and do not have the Cloudflare Specials ruleset enabled, we strongly recommend that you do so. You should also follow Microsoft’s urgent recommendation to patch your on-premise systems immediately. These vulnerabilities are actively being exploited in the wild by attackers to exfiltrate email inbox content and move laterally within organizations’ IT systems.

Edge Mitigation

If you are running the Cloudflare WAF and have enabled the Cloudflare Specials ruleset, there is nothing else you need to do. We have taken the unusual step of immediately deploying these rules in “Block” mode given active attempted exploitation.

If you wish to disable the rules for any reason, e.g., you are experiencing a false positive mitigation, you can do so by following these instructions:

  1. Login to the Cloudflare Dashboard Continue reading

Controversial Reads 030621


The worldwide plans for EV domination of the vehicle population are like having the plans to build a large house without sufficient materials being available to ever finish the house.


This is how the squeeze worked: A few large hedge funds had “shorted” GameStop. That means that they had borrowed the stock, with the intention of returning it when the share price moved lower, as they expected it would, leaving them with a profit.


The worldwide plans for EV domination of the vehicle population are like having the plans to build a large house without sufficient materials being available to ever finish the house.


A new canvassing of experts in technology, communications and social change by Pew Research Center and Elon University’s Imagining the Internet Center finds that many expect similar impacts to emerge from the COVID-19 outbreak.


A famed Silicon Valley dictum is to ask for forgiveness, not permission. Breaking the law has had no consequences, and policymakers have not been too exercised to create new laws for Big Tech to follow.


Today, the Supreme Court of the United Kingdom ruled on an important question as to whether certain drivers who work with Uber are entitled to certain protections Continue reading

Worth Reading: Career Advice for Young Engineers

David Bombal invited me for another short chat – this time on what I recommend young networking engineers just starting their career. As I did a bit of a research I stumbled upon some great recommendations on Quora:

I couldn’t save the pages to Internet Archive (looks like it’s not friendly with Quora), so I can only hope they won’t disappear ;)

Worth Reading: Career Advice for Young Engineers

David Bombal invited me for another short chat – this time on what I recommend young networking engineers just starting their career. As I did a bit of a research I stumbled upon some great recommendations on Quora:

I couldn’t save the pages to Internet Archive (looks like it’s not friendly with Quora), so I can only hope they won’t disappear ;)

Xilinx announces new line of adaptable SmartNIC cards

One thing is clear about Xilinx: It isn't waiting around for is acquisition by AMD to close. The latest initiatives from the company are a new SmartNIC card and an FPGA platform app store that features ready-to-deploy solutions aimed at key markets, such as data analytics, video and image processing, machine learning, and security.The new Alveo SN1000 line features integrated "composability" features that allow for customization. Enterprise users can add their own custom networking functions, as needed, to supplement the SmartNIC's core networking capabilities.To read this article in full, please click here

Weekend Reads 030521


Between preparing letters for tenure and promotion cases, and serving on committees at my home institutions, I have read a lot of materials about teaching, research, and service. I evaluate teaching records differently than most of my colleagues. There is a method to what I’m doing, and I’m sharing it here.


Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being “data is the new gold” in this digital world, and the more sensitive some data is, the more value it has.


OpenVault just released its Broadband Insights Report for the 4th quarter of 2020. The report shows continued staggeringly fast growth of broadband usage in the country. The growth has been so fast that OpenVault applies the word ‘exploded’ to describe the giant increase in customer usage.


Nearly two months after news surfaced about software updates from SolarWinds being used to distribute a backdoor Trojan called Sunburst/Solorigate to some 18,000 organizations worldwide, troubling questions remain about the scope and impact of the breach.


For ages now, every annual report on desktop operating system market share has had the same top two contenders: Microsoft’s Windows in a commanding lead at number one and Apple’s macOS in distant second place. Continue reading

Enterprise networking trends in 2021: Preparing for the new normal

A year into the coronavirus pandemic, IT continues to support remote employees. As organizations begin planning to bring workers back into the office, IT must now consider upgrading their networks to best support employees in a post-COVID world. IDC Senior Research Analyst for enterprise networking, Brandon Butler, joins Juliet to discuss what permanent changes IT should implement as workers prepare to return to the office, and how these changes differ from the temporary solutions put into place last year. From upgrading to Wi-Fi 6, to implementing SD-WAN, to shifting network management to the cloud, Brandon explains what steps IT teams can take to make the transition back to the office seamless for in-person and remote employees alike.To read this article in full, please click here

Tom’s Virtual Corner at Cisco Live Global 2021 – Anniversary

We made it through the year that was March 2020. Here were are on the other side trying to find out whatever this normal is supposed to look like. We’re not out of the woods yet but we do know that things aren’t going to be back to the way they were any time soon. That includes the events that we enjoyed traveling to and hanging out at.

Cisco Live has made the decision to go virtual again this year. One can’t blame them to be honest. Travel uncertainty and the potential liability of having a huge event just didn’t make sense. If you thought the old Conference Crud was bad you really don’t want this new-and-improved version! Cisco has also decided that one global event makes more sense than several events scattered across the calendar. That means that Cisco Live Europe and Cisco Live US are now global and happening at the end of March instead of January or June.

With the announcement that everything will be virtual again this year it also means that the social aspect of the event is going to be virtual as well. As much as we would have liked to hang out at Continue reading

Member News: Celebrating a Safer Internet

Safe learning: The Nigeria Chapter of the Internet Society celebrated Safer Internet Day with workshops about online safety at schools across the country. Chapter representatives talked to students about several topics, including fake news, online scams, phishing, and clickbait. The two-day workshops included in-person events that complied with COVID-19 social distancing rules, and an online discussion.

Internet to the village: The Kyrgyzstan Chapter has been working to bring Internet access to the village of Zardaly, in a remote and mountainous region of the southwest region of the country. The project has begun with a detailed study of the area, after which radio translators will be ordered and installed. The chapter has also posted an update about its Ilimbox project, an Internet-in-a-box device that, contains basic educational materials available without an Internet connection. The device has now been installed in 20 schools.

No registration required: The Hong Kong Chapter is among a coalition of groups opposing a proposal from the Chinese government that would require users of smartphones to register using their real names. Real-time registration won’t be effective in fighting crime and could hinder scientific research, the chapter said. “The real-name system cannot prevent crimes committed by using overseas calls Continue reading

The Teams Dashboard: Finding a Product Voice

The Teams Dashboard: Finding a Product Voice
The Teams Dashboard: Finding a Product Voice

My name is Alice Bracchi, and I’m the technical and UX writer for Cloudflare for Teams, Cloudflare's Zero Trust and Secure Web Gateway solution.

Today I want to talk about product voice — what it is, why it matters, and how I set out to find a product voice for Cloudflare for Teams.

On the Cloudflare for Teams Dashboard (or as we informally call it, “the Teams Dash”), our customers have full control over the security of their network. Administrators can replace their VPN with a solution that runs on Zero Trust rules, turning Cloudflare's network into their secure corporate network. Customers can secure all traffic by configuring L7 firewall rules and DNS filtering policies, and organizations have the ability to isolate web browsing to suspicious sites.

All in one place.

As you can see, a lot of action takes place on the Teams Dash. As an interface, it grows and changes at a rapid pace. This poses a lot of interesting challenges from a design point of view — in our early days, because we were focused on solving problems fast, many of our experiences ended up feeling a bit disjointed. Sure, users were able to Continue reading

Video: Path Discovery in Transparent Bridging and Routing

In the previous video in this series, I described how path discovery works in source routing and virtual circuit environments. I couldn’t squeeze the discussion of hop-by-hop forwarding into the same video (it would make the video way too long); you’ll find it in the next video in the same section.

Watch the video
The video is part of How Networks Really Work webinar and available with Free ipSpace.net Subscription.

Video: Path Discovery in Transparent Bridging and Routing

In the previous video in this series, I described how path discovery works in source routing and virtual circuit environments. I couldn’t squeeze the discussion of hop-by-hop forwarding into the same video (it would make the video way too long); you’ll find it in the next video in the same section.

Watch the video
The video is part of How Networks Really Work webinar and available with Free ipSpace.net Subscription.

What Is Technical Marketing??? – Video

Martez Reed, Director of Technical Marketing at Morpheus Data, joins the Day Two Cloud podcast for a discussion. To hear this entire conversation, GO HERE. And hey, have a great day. You’re doing an outstanding job. ? You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a […]

The post What Is Technical Marketing??? – Video appeared first on Packet Pushers.

5 Key Takeaways from IstioCon 2021

Lin Sun Lin is the Director of Open-Source at Solo.io. She has worked on Istio service mesh since 2017 and serves on the Istio Technical Oversight Committee. Previously, she served on the Istio Steering Committee for three years and was a Senior Technical Staff Member and Master Inventor at IBM for 15+ years. She is the author of the book Istio Explained and has more than 200 patents to her name. This year’s first-ever Istio service mesh connects microservices. As the conference program co-chair, I had the incredible honor to work with the rest of the program committee to select conference submissions from a diverse range of world-class speakers. I wanted to share my five key takeaways from the show: 2020: A Year of Istio Innovation I have heard repeatedly from users that Istio is much easier to use thanks to the consolidation of all control plane components into Istiod. The removal of Mixer and the introduction of Web Assembly extensibility capabilities has also been widely lauded by the community. A complete list Continue reading

The Hedge #73: Daniel Teycheney and Open Source in Networking

Combining, or stitching together, open source projects to build something unique for your network is becoming more common. What does this look like in the real world? What are some of the positive and negative aspects of building things this way? How do open source projects interact with the commercial world? Daniel Teycheney joins Tom Ammon, Jett Tantsura, and Russ White to discuss open source software in networking, particularly around network monitoring and management.

download

1 731 732 733 734 735 3,794