Government cybersecurity agency warns of Windows Server exploit

The federal government's Cybersecurity and Infrastructure Security Agency (CISA) has issued a rare emergency directive to federal government agencies to roll out a Windows Server patch within days, an indication of the severity of the exploit.The directive was issued on September 18, and agencies were given four days to apply the security update. It demands that executive agencies take "immediate and emergency action" to patch CVE-2020-1472, issued August 11.The vulnerability is in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory from Windows Server 2008 to Server 2019. It has been named "Zerologon" because of how it works.To read this article in full, please click here

Government cybersecurity agency warns of Windows Server exploit

The federal government's Cybersecurity and Infrastructure Security Agency (CISA) has issued a rare emergency directive to federal government agencies to roll out a Windows Server patch within days, an indication of the severity of the exploit.The directive was issued on September 18, and agencies were given four days to apply the security update. It demands that executive agencies take "immediate and emergency action" to patch CVE-2020-1472, issued August 11.The vulnerability is in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory from Windows Server 2008 to Server 2019. It has been named "Zerologon" because of how it works.To read this article in full, please click here

What Does Normal Look Like Now? COVID’s Impact on the Internet

Six months ago, when the World Health Organization declared COVID-19 a pandemic, it accelerated the shift out of offices and schools and onto the Internet. Back then, we asked if the Internet was resilient enough to withstand Coronavirus. After several months of observations, we confirmed that it is, thanks to the strength, resilience and success of the open architecture that underpins it. Since then, concerns about the Internet’s ability to handle the increase in lockdown-driven traffic seem to have abated, resulting in fewer articles and blog posts on the topic.

Getting Back to Normal

As we head into the final months of 2020, some businesses have reopened in a limited capacity, allowing employees to return to their brick-and-mortar workplaces. Many students are also returning to school, whether in person or online. Yet, the lack of affordable and available Internet access remains a significant issue. Earlier this year, we heard stories about students sitting outside schools and libraries in search of reliable WiFi in order to attend classes. As the new school year starts in North America, we heard about students using WiFi signals from a local fast food chain restaurant to complete their homework. And with students now needing to Continue reading

TAYGA: Bridge an IPv6 Network Back to IPv4 using NAT64

Every network admin on the planet knows this dirty little secret: We’re running out of IPv4 addresses. This was an inevitability, given how wide-spread the network and network devices have become. Even on your LAN, you sometimes have to use subnetting, simply because you’ve found the devices on your massive enterprise network have gobbled up all the 192.68.1.x addresses. It’s a problem. Which is why IPv6 was developed. IPv6 offers a larger pool of addresses from which to use. The problem is that IPv6 isn’t nearly as easy to employ as IPv4. After all, 192.168.1.1 is much easier to remember than 0:0:0:0:0:ffff:c0a8:101. But what’s a network administrator to do? Migrate all of those servers and various hardware devices from IPv4 to IPv6? In theory, yes, that is exactly what should happen. However, that’s not nearly as easy as one would like to think it would be. After all, you might have hundreds upon hundreds of devices and numerous locations. On top of which, there’s always that pesky DNS that must be updated (which could equate to downtime). Oh, and let’s not forget that IPv6 is not backward compatible with IPv4. Why was this decision Continue reading

Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE

If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.Cisco this week posted 25 “High” rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company’s most widely used operating systems. The warnings affect firewalls, wireless access points and switches.Network pros react to new Cisco certification curriculum For example, one of the highest rated threats--with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall,resulting in a denial of service (DoS).To read this article in full, please click here

Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE

If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.Cisco this week posted 25 “High” rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company’s most widely used operating systems. The warnings affect firewalls, wireless access points and switches.Network pros react to new Cisco certification curriculum For example, one of the highest rated threats--with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall,resulting in a denial of service (DoS).To read this article in full, please click here

MemVerge ships software-defined persistent memory software

Big Memory software startup MemVerge launched its Memory Machine software designed to turn DRAM and Intel Optane persistent memory into a software-defined memory pool, bringing DRAM performance to persistent memory (PMEM).For some use cases, SSDs just aren’t fast enough. “Despite all the great advances in storage, the latency difference between memory and storage remains at more than three orders of magnitude, making this data movement inefficient,” said Alper Ilkbahar, vice president and general manager of the memory and storage product group at Intel in a conference call with MemVerge.To read this article in full, please click here

MemVerge ships software-defined persistent memory software

Big Memory software startup MemVerge launched its Memory Machine software designed to turn DRAM and Intel Optane persistent memory into a software-defined memory pool, bringing DRAM performance to persistent memory (PMEM).For some use cases, SSDs just aren’t fast enough. “Despite all the great advances in storage, the latency difference between memory and storage remains at more than three orders of magnitude, making this data movement inefficient,” said Alper Ilkbahar, vice president and general manager of the memory and storage product group at Intel in a conference call with MemVerge.To read this article in full, please click here

The Smörgåsbord

No plan, no script, no net. In this episode Tony and Jordan give a peek behind the curtains on what has been going on with them both personally and professionally. This episode has a bit of everything. Personal struggles, new hobbies, work news, and a Defcon capture the flag story. This is the Smörgåsbord.

 

Network Collective thanks NVIDIA for sponsoring today’s episode. NVIDIA is positioned as the leader in open networking and provides end-to-end solutions at all layers of the software and hardware stack. You can experience NVIDIA Cumulus in the Cloud for free!  Head on over to:

https://cumulusnetworks.com/ncpod

to see what a modern open network operating system looks like for yourself.
Tony Efantis
Host
Jordan Martin
Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post The Smörgåsbord appeared first on Network Collective.

Video: Bridging, Routing, Switching

If you’re working solely with IP-based networks, you’re probably quick to assume that hop-by-hop destination-only forwarding is the only packet forwarding paradigm that makes sense. Not true, even today’s networks use a variety of forwarding mechanisms, most of them called some variant of routing or switching.

What exactly is the difference between the two, and what is bridging? I’m answering these questions (and a few others like what’s the difference between data-, control- and management planes) in the Bridging, Routing and Switching Terminology video.

Watch the video
The video is part of How Networks Really Work webinar and available with Free ipSpace.net Subscription.

Scaling the Root of the DNS

The DNS is a remarkably simple system. You send it queries and you get back answers. Simple. However, the DNS is simple in the same way that Chess or Go are simple. They are all constrained environments governed by a small set of rigid rules, but they all possess astonishing complexity.

Static Analysis of Java Enterprise Applications: Frameworks and Caches, the Elephants in the Room

Static analysis of Java enterprise applications: frameworks and caches, the elephants in the room, Antoniadis et al., PLDI’20

Static analysis is a key component of many quality and security analysis tools. Being static, it has the advantage that analysis results can be produced solely from source code without the need to execute the program. This means for example that it can be applied to analyse source code repositories and pull requests, be used as an additional test in CI pipelines, and even give assistance in your IDE if it’s fast enough.

Enterprise applications have (more than?) their fair share of quality and security issues, and execute in a commercial context where those come with financial and/or reputational risk. So they would definitely benefit from the kinds of reassurances that static analysis can bring. But there’s a problem:

Enterprise applications represent a major failure of applying programming languages research to the real world — a black eye of the research community. Essentially none of the published algorithms or successful research frameworks for program analysis achieve acceptable results for enterprise applications on the main quality axes of static analysis research: completeness, precision, and scalability.

If you try running Continue reading

A Year Later: Reflections on the ANZ Security Landscape

A Year Later: Reflections on the ANZ Security Landscape
A Year Later: Reflections on the ANZ Security Landscape

It’s been one year since I joined Cloudflare as Head of Australia and New Zealand. While it has been a great year for our ANZ operations, it is hard to stop thinking about the elephant in the room, especially as I’m writing this blog from my home in the middle of Melbourne’s lockdown.

The pandemic has not only disrupted our daily lives, but has also caused a massive shift to remote work for many of us. As a result, security teams lost visibility into office network traffic, their employees moved to unsupervised WiFi networks with new video conferencing technology, and their IT teams found that their out-dated VPN platforms could not handle all the traffic of remote employees. While many organisations were already moving to cloud-based applications, this year has exacerbated the need for greater security posture. Our team has been even more humbled by our mission to help build a better Internet and help organisations face the increased security threats COVID-19 has triggered. With that in mind, I’d like to take a look back at the milestones of the past year.

First, I’d like to recognise how strong and resilient our people have been in the past year. It Continue reading

What is a virtual machine, and why are they so useful?

Many of today’s cutting-edge technologies such as cloud computing, edge computing and microservices, owe their start to the concept of the virtual machine—separating operating systems and software instances from the underlying physical computer.What is a virtual machine? A virtual machine (VM) is software that runs programs or applications without being tied to a physical machine. In a VM instance, one or more guest machines can run on a host computer.To read this article in full, please click here

What is a virtual machine, and why are they so useful?

Many of today’s cutting-edge technologies such as cloud computing, edge computing and microservices, owe their start to the concept of the virtual machine—separating operating systems and software instances from the underlying physical computer.What is a virtual machine? A virtual machine (VM) is software that runs programs or applications without being tied to a physical machine. In a VM instance, one or more guest machines can run on a host computer.To read this article in full, please click here

1 840 841 842 843 844 3,795