Yes, we can validate leaked emails
When emails leak, we can know whether they are authenticate or forged. It's the first question we should ask of today's leak of emails of Hunter Biden. It has a definitive answer.
Today's emails have "cryptographic signatures" inside the metadata. Such signatures have been common for the past decade as one way of controlling spam, to verify the sender is who they claim to be. These signatures verify not only the sender, but also that the contents have not been altered. In other words, it authenticates the document, who sent it, and when it was sent.
Crypto works. The only way to bypass these signatures is to hack into the servers. In other words, when we see a 6 year old message with a valid Gmail signature, we know either (a) it's valid or (b) they hacked into Gmail to steal the signing key. Since (b) is extremely unlikely, and if they could hack Google, they could a ton more important stuff with the information, we have to assume (a).
Your email client normally hides this metadata from you, because it's boring and humans rarely want to see it. But it's still there in the original email document. An email Continue reading
Best of Fest: AnsibleFest 2020
Thank you to everyone who joined us over the past two days for the AnsibleFest 2020 virtual experience. We had such a great time connecting with Ansible lovers across the globe. In case you missed some of it (or all of it), we have some event highlights to share with you! If you want to go see what you may have missed, all the AnsibleFest 2020 content will be available on demand for a year.
Community Updates
This year at AnsibleFest 2020, Ansible Community Architect Robyn Bergeron kicked off with her keynote on Tuesday morning. We heard how with Ansible Content Collections, it’s easier than ever to use Ansible the way you want or need to, as a contributor or an end user. Ansible 2.10 is now available, and Robyn explained how the feedback loop got us there. If you want to hear more about the Ansible community project, go watch Robyn’s keynote on demand.
Product Updates
Ansible’s own Richard Henshall talked about the Red Hat Ansible Automation Platform product updates and new releases. In 2018, we unveiled the Ansible certified partner program and now we have over 50 platforms certified. We are bridging traditional Continue reading
Intel To Amp Up Security With “Ice Lake” Xeon SP Servers
Security is one of those necessary things that should not be an afterthought, but often is, and ideally is so invisible that it doesn’t get in the way of applications and the infrastructure it runs on. …
Intel To Amp Up Security With “Ice Lake” Xeon SP Servers was written by Timothy Prickett Morgan at The Next Platform.
Sponsored Post: IP2Location, Ipdata, StackHawk, InterviewCamp.io, Educative, Triplebyte, Stream, Fauna
Who's Hiring?
- InterviewCamp.io has hours of system design content. They also do live system design discussions every week. They break down interview prep into fundamental building blocks. Try out their platform.
- Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.
- Need excellent people? Advertise your job here!
Cool Products and Services
- IP2Location is IP address geolocation service provider since 2002. The geolocation database or API detects location, proxy and other >20 parameters. The technology has been cited in more than 700 research papers and trusted by many Fortune 500 companies. Try it today!
- ipdata is a reliable IP Address Geolocation API that allows you to lookup the approximate location of any IP Address, detect proxies and identify a company from an IP Address. Trusted by 10,000+ developers. Try it now!
- Developers care about shipping secure applications. Application security products and processes, however, have not kept up with advances in software development. There are a new breed of tools hitting the market that enable developers to take the lead on AppSec. Learn how Continue reading
Evolution of Excel 4.0 Macro Weaponization – Continued
Introduction
The evolution of the Excel 4.0 (XL4) macro malware proceeds apace, with new variations and techniques regularly introduced. To understand the threat landscape, the VMware NSBU Threat Analysis Unit extended its previous research on XL4 macro malware (see the previous blog) to analyze new trends and techniques.
Against analysis engines, the new samples have some novel evasion techniques, and they perform attacks more reliably. These variants were observed in June and July. Figure 1 depicts the Excel 4.0 macro malware wave.
Figure 1: Malicious XL4 submission: May-Aug 2020
Broadly, the samples can be categorized into three clusters. Based on the variation of the samples in these three clusters, the weaponized documents can be grouped into multiple variants.
Cluster 1: Relative Reference
The samples in this cluster appeared in the month of June. They use FORMULA.FILL for obfuscation and to move the payload around the sheet. The formula uses relative references to access values stored in the sheet. There are variations in this category; Continue reading
Member News: Haitian Chapter Calls for More Community Networks
From the community: The Haiti Chapter of the Internet Society recently posted a video advocating for more community networks in the country. Internet access is a necessity during the COVID-19 health emergency, the Chapter said. Still, there is a challenge of providing access in rural areas of the country. The Chapter wants a plan that allows communities to build their own networks “where it is not yet economically viable for Internet service providers” to offer broadband service.
Going to school: The Kyrgyzstan Chapter has provided an update about its very active ilimBox project, which provides an Internet-in-a-box service to schools in the country. In late August, the ilimBox team, with the financial support of the European Union, installed 22 ilimBox devices in the border villages of Batken region.
Don’t split the Internet: The Greater Washington, D.C., Chapter has voiced opposition to U.S. President Donald Trump’s plans to ban Chinese apps TikTok and WeChat from the U.S. The Chapter is “against breaking the Internet,” it wrote. The proposed ban “undermines the foundations of the Internet.” The Chapter’s statement echoes the position of the Internet Society as a whole.
Safety first: The St. Vincent and the Grenadines Continue reading
Day Two Cloud 070: The State Of Multi-Cloud Networking
Today's show is a vigorous discussion of multi-cloud networking. Our guest, networking expert Ivan Pepelnjak, brings a heavy dose of skepticism, nuance, and informed perspective to the tricky issue of connecting workloads across different public clouds.Day Two Cloud 070: The State Of Multi-Cloud Networking
Today's show is a vigorous discussion of multi-cloud networking. Our guest, networking expert Ivan Pepelnjak, brings a heavy dose of skepticism, nuance, and informed perspective to the tricky issue of connecting workloads across different public clouds.
The post Day Two Cloud 070: The State Of Multi-Cloud Networking appeared first on Packet Pushers.
Introducing Cloudflare One Intel
Earlier this week, we announced Cloudflare One, a single platform for networking and security management. Cloudflare One extends the speed, reliability, and security we’ve brought to Internet properties and applications over the last decade to make the Internet the new enterprise WAN.
Underpinning Cloudflare One is Cloudflare’s global network - today, our network spans more than 200 cities worldwide and is within milliseconds of nearly everyone connected to the Internet. Our network handles, on average, 18 million HTTP requests and 6 million DNS requests per second. With 1 billion unique IP addresses connecting to the Cloudflare network each day, we have one of the broadest views on Internet activity worldwide.
We see a large diversity of Internet traffic across our entire product suite. Every day, we block 72 billion cyberthreats. This visibility provides us with a unique position to understand and mitigate Internet threats, and enables us to see new threats and malware before anyone else.
At the beginning of this month, as part of our 10th Birthday Week, we launched Cloudflare Radar, which shares high-level trends with the general public based on our network’s aggregate data. The same data that powers that view of the Internet also Continue reading
Introducing WARP for Desktop and Cloudflare for Teams
Cloudflare launched ten years ago to keep web-facing properties safe from attack and fast for visitors. Cloudflare customers owned Internet properties that they placed on our network. Visitors to those sites and applications enjoyed a faster experience, but that speed was not consistent for accessing Internet properties outside the Cloudflare network.
Over the last few years, we began building products that could help deliver a faster and safer Internet to everyone, not just visitors to sites on our network. We started with the first step to visiting any website, a DNS query, and released the world’s fastest public DNS resolver, 1.1.1.1. Any Internet user could improve the speed to connect to any website simply by changing their resolver.
While making the Internet faster for users, we also focused on making it more private. We built 1.1.1.1 to accelerate the last mile of connections, from user to our edge or other destinations on the Internet. Unlike other providers, we did not build it to sell ads.
Last year we went one step further to make the entire connection from a device both faster and safer when we launched Cloudflare WARP. With the push of a Continue reading
Cloudflare Gateway now protects teams, wherever they are
In January 2020, we launched Cloudflare for Teams—a new way to protect organizations and their employees globally, without sacrificing performance. Cloudflare for Teams centers around two core products - Cloudflare Access and Cloudflare Gateway.
In March 2020, Cloudflare launched the first feature of Cloudflare Gateway, a secure DNS filtering solution powered by the world’s fastest DNS resolver. Gateway’s DNS filtering feature kept users safe by blocking DNS queries to potentially harmful destinations associated with threats like malware, phishing, or ransomware. Organizations could change the router settings in their office and, in about five minutes, keep the entire team safe.
Shortly after that launch, entire companies began leaving their offices. Users connected from initially makeshift home offices that have become permanent in the last several months. Protecting users and data has now shifted from a single office-level setting to user and device management in hundreds or thousands of locations.
Security threats on the Internet have also evolved. Phishing campaigns and malware attacks have increased in the last six months. Detecting those types of attacks requires looking deeper than just the DNS query.
Starting today, we’re excited to announce two features in Cloudflare Gateway that solve those new challenges. First, Continue reading
The 5G Problems
The Apple iPhone 12 has 5G but its not for customers. Its because the mobile co’s wanted it. And they indirectly paid Apple for it. While its true that 5G increases bandwidth and reduces latency, it more important that it reduces infrastructure costs. Alert: This twitter thread is a trial of the “blog post as […]