|
Nov 13, 2018
Computer scientists at the University of California at Riverside have found that GPUs are vulnerable to side-channel attacks, the same kinds of exploits that have impacted Intel and AMD CPUs.
Two professors and two students, one a computer science doctoral student and a post-doctoral researcher, reverse-engineered a Nvidia GPU to demonstrate three attacks on both graphics and computational stacks, as well as across them. The researchers believe these are the first reported side-channel attacks on GPUs.
[ Read also: What are the Meltdown and Spectre exploits? | Get regularly scheduled insights: Sign up for Network World newsletters ]
A side-channel attack is one where the attacker uses how a technology operates, in this case a GPU, rather than a bug or flaw in the code. It takes advantage of how the processor is designed and exploits it in ways the designers hadn't thought of.
To read this article in full, please click here
|
|
Nov 13, 2018
iDrive has activated a significant discount on their Remote access software RemotePC in these days leading into Black Friday. RemotePC by iDrive is a full-featured remote access solution that lets you connect to your work, home or office computer securely from anywhere, and from any iOS or Android device. Right now, their 50 computer package is 90% off or just $6.95 for your 1st year. If you've been thinking about remote access solutions, now is a good time to consider RemotePC.
|
|
Nov 09, 2018
Despite the goal of keeping web communications private, flaws in the design and implementation of Transport Layer Security have led to breaches. But the latest version - TLS 1.3 - is an overhaul that strengthens and streamlines the crypto protocol.
What is TLS?
TLS is a cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions. It is an IETF standard intended to prevent eavesdropping, tampering and message forgery. Common applications that employ TLS include Web browsers, instant messaging, e-mail and voice over IP.
To read this article in full, please click here
|
|
Nov 02, 2018
The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.
The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.
To read this article in full, please click here
|
|
Oct 30, 2018
A firewall is a network device that monitors packets going in and out of networks and blocks or allows them according to rules that have been set up to define what traffic is permissible and what traffic isn't.
There are several types of firewalls that have developed over the years, becoming progressively more complex over time and taking more parameters into consideration when determining whether traffic should or should not be allowed to pass. The most modern are commonly known as next-generation firewalls (NGF) and incorporate many other technologies beyond packet filtering.
[ Also see What to consider when deploying a next generation firewall. | Get regularly scheduled insights by signing up for Network World newsletters. ]
Initially placed at the boundaries between trusted and untrusted networks, firewalls are now also deployed to protect internal segments of networks, such as data centers, from other segments of organizations' networks.
To read this article in full, please click here
|
|
Oct 30, 2018
Last week, the tech press made a big deal out of a ruling by the Librarian of Congress and the U.S. Copyright Office to allow consumers to break vendors' digital rights management (DRM) schemes in order to fix their own smartphones and digital voice assistants. According to The Washington Post, for example, the ruling — which goes into effect Oct. 28 — was a big win for consumer right-to-repair advocates.
To read this article in full, please click here
|
|
Oct 23, 2018
You know you need to protect your company from unauthorized or unwanted access. You need a network-security tool that examines the flow of packets in and out of the enterprise, governed by rules that decide whether that flow is safe, malicious or questionable and in need of inspection. You need a firewall.
Recognizing that you need a firewall is the first - and most obvious -- step. The next crucial step in the decision-making process is determining which firewall features and policies best-suit your company's needs.
Today's enterprise firewalls must be able to secure an increasingly complex network that includes traditional on-premises data center deployments, remote offices and a range of cloud environments. Then you have to implement and test the firewall once it's installed. Perhaps the only element more complex than configuring, testing and managing a next-generation firewall is the decision-making process regarding which product to trust with your enterprise security.
To read this article in full, please click here
(Insider Story)
|
|
Oct 18, 2018
Shodan, a search engine for all ports within the internet, can help enterprises identify and lock down security vulnerabilities. Senior writer J.M. Porup and content producer Juliet Beauchamp talk through the security scenarios.
|
|
Oct 12, 2018
So far, so good. That's the report from Internet Corporation for Assigned Names and Numbers (ICANN) as it rolled out the first-ever changing of the cryptographic key that helps protect the internet's address book - the Domain Name System (DNS) on Oct. 11.
The change is central to ICANN's project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol — commonly known as the root zone key signing key (KSK) — which secures the internet's foundational servers. This so-called root KSK rollover from the 2010 KSK to the 2017 KSK was supposed to take place almost a year ago but was delayed until Oct. 11 of this year because of concerns it might disrupt internet connectivity to significant numbers of web users.
To read this article in full, please click here
|
|
Oct 12, 2018
With the midterm elections looming, electronic voting machines are getting increased scrutiny. J.M. Porup, senior writer at CSO, sits in the hosts chair this episode, breaking down the security risk with content producer Juliet Beauchamp.
|
|
Oct 12, 2018
Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach.
|
|
Oct 12, 2018
Security expert and author Bruce Schneier talks with senior writer J.M. Porup about that widespread use of connected chips -- allowing hackers to access cars, refrigerators, toys and soon, even more home consumer items.
|
|
Oct 11, 2018
Facebook and Google recently acknowledged data breaches affecting millions of users. This won't be the last time that happens. CSO's J.M. Porup and Computerworld's Ken Mingis examine what's really going.
|
|
Oct 04, 2018
It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.
Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.
To read this article in full, please click here
|
|
Oct 01, 2018
Cisco said today it had closed the $2.35 billion deal it made for network identity, authentication security company Duo.
According to Cisco, Duo's zero-trust security model authorizes secure connections to all applications based on the trustworthiness of users and devices. Duo's cloud-delivered technology lets IT professionals set and enforce risk-based, adaptive access policies and get enhanced visibility into users' devices and activities. As more devices come onto the network remotely this issue takes on more importance.
"Outdated devices are particularly vulnerable to being compromised, which can easily spiral into a full-blown, major breach," wrote Richard Archdeacon, Duo Advisory CISO about a recent Duo study on remote access security. "Organizations don't necessarily need to block individuals from using their personal devices, but they do need to re-shape their security models to fit these evolving working practices. … If you don't know what's connecting to the network, how can you protect data from being compromised?"
To read this article in full, please click here
|
|
Sep 27, 2018
Cisco today exposed 13 vulnerabilities in its IOS and IOS XE switch and router operating software that the company said should be patched as soon as possible.
The vulnerabilities were detailed in Cisco's twice-yearly dump of IOS exposures. All have a High Impact security rating, and fixes should be evaluated by users quickly.
[ Also see Invaluable tips and tricks for troubleshooting Linux. ]
The company said this particular batch of issues could let an attacker gain elevated privileges for an affected device or cause a denial of service (DoS) on an affected device.
To read this article in full, please click here
|
|
Sep 19, 2018
In a few months, the internet will be a more secure place.
That's because the Internet Corporation for Assigned Names and Numbers (ICANN) has voted to go ahead with the first-ever changing of the cryptographic key that helps protect the internet's address book - the Domain Name System (DNS).
[ Now see: The hidden cause of slow internet and how to fix it. ]
The ICANN Board at its meeting in Belgium this week, decided to proceed with its plans to change or "roll" the key for the DNS root on Oct. 11, 2018. It will mark the first time the key has been changed since it was first put in place in 2010.
To read this article in full, please click here
|
|
Sep 07, 2018
Cloud has undoubtedly become a key component of successful business in recent years, especially when you consider the race to digitally transform. Across the globe, companies are moving their applications and services to the cloud and are consequently reaping the benefits of lower capex and opex as a result.
However, with this process, cloud migration is only a beginning for any organization's digital transformation (DX) journey. If harnessed correctly, cloud is a pillar of innovation for DX, and can be a driving force for new business models and use cases that - even a few years ago - weren't possible. No one knows this better than devops teams; these teams hold the line when it comes to continuous delivery and deployment, and it therefore stands to reason that devops play a crucial role in the digital transformation journey. In practice however, the decision makers in charge of cloud strategies are rarely those in the bowels of the ship.
To read this article in full, please click here
|
|
Sep 05, 2018
Ready or not, the upgrade to an important internet security operation may soon be launched. Then again, it might not.
The Internet Corporation for Assigned Names and Numbers (ICANN) will meet the week of Sept. 17 and will likely decide whether or not to give the go ahead on its multi-year project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol — commonly known as the root zone key signing key (KSK) — which secures the Internet's foundational servers.
[ RELATED: Firewall face-off for the enterprise ]
Changing these keys and making them stronger is an essential security step, in much the same way that regularly changing passwords is considered a practical habit by any Internet user, ICANN says. The update will help prevent certain nefarious activities such as attackers taking control of a session and directing users to a site that for example might steal their personal information.
To read this article in full, please click here
(Insider Story)
|
|
Aug 31, 2018
In this episode, host Steve Ragan talks with Karl Hiramoto, technical solutions consultant for VirusTotal, maker of VirusTotal Intelligence, a searchable detection tool for malware.
|
|
Aug 28, 2018
VMware is expanding its security range with a new version of its virtualization software that has security integrated into the hypervisor.
"Our flagship VMware vSphere product now has AppDefense built right in," VMware CEO Pat Gelsinger told the audience at VMworld 2018, which kicked off this week in Las Vegas. "Platinum will enable virtualization teams - you - to give an enormous contribution to the security profile of your enterprise."
[See our review of VMware's vSAN 6.6 and check out IDC's top 10 data center predictions. Get regularly scheduled insights by signing up for Network World newsletters]
Announced one year ago, AppDefense is VMware's data-center endpoint-security product, designed to protect applications running in virtualized environments. AppDefense uses machine learning and behavioral analytics to understand how an application is supposed to behave, and it detects threats by monitoring for changes to the application's intended state.
To read this article in full, please click here
|
|
Aug 23, 2018
In this episode, host Steve Ragan talks with Engin Akyol, CTO at Distil Networks at the Black Hat 2018 conference, about bot account takeovers and how they can be detected.
|
|
Aug 20, 2018
As enterprises endeavor to expand domestic and global footprints, agile network infrastructure connectivity across geographies continues to prove an ongoing challenge. In particular, ensuring that data shared over these networks is protected from unauthorized access is a primary directive in today's evolving cyber threat landscape. These often-contradictory demands call for IT decision makers to invest in innovation that will facilitate network flexibility and agility without compromising security, productivity or performance.
This challenge begs a simple question. How can a WAN deliver the flexibility and agility necessary to help an organization grow without increasing exposure to data breaches and other security problems? After all, if the cost of convenience is increased network vulnerabilities, can it be considered a sound approach?
To read this article in full, please click here
|
|
Aug 17, 2018
Network administrators, IT managers and security professionals face a never-ending battle, constantly checking on what exactly is running on their networks and the vulnerabilities that lurk within. While there is a wealth of monitoring utilities available for network mapping and security auditing, nothing beats Nmap's combination of versatility and usability, making it the widely acknowledged de facto standard.
What is Nmap?
Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.
To read this article in full, please click here
|
|
Aug 16, 2018
Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business's web presence goes down.
DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.
You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.
To read this article in full, please click here
|
|
Aug 15, 2018
Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or "L1 Terminal Fault" is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?
L1TF, L1 Terminal Fault, and Foreshadow
The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it "Foreshadow". It is similar to vulnerabilities discovered in the past (such as Spectre).
This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes.
To read this article in full, please click here
|
|
Aug 10, 2018
Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.
|
|
Aug 09, 2018
Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called "tool sprawl" where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.
Ideally, every tool would receive information from every network device, enabling it to have a complete view of what's happening, who is accessing what, where they are coming in from, and when events occurred.
To read this article in full, please click here
|
|
Aug 08, 2018
Taiwanese chip-making giant Taiwan Semiconductor Manufacturing Co. (TSMC), whose customers include Apple, Nvidia, AMD, Qualcomm, and Broadcom, was hit with a WannaCry infection last weekend that knocked out production for a few days and will cost the firm millions of dollars.
Most chip companies are fabless, meaning they don't make their own chips. It's a massively expensive process, as Intel has learned. Most, like the aforementioned firms, simply design the chips and farm out the manufacturing process, and TSMC is by far the biggest player in that field.
CEO C.C. Wei told Bloomberg that TSMC wasn't targeted by a hacker; it was an infected production tool provided by an unidentified vendor that was brought into the company. The company is overhauling its procedures after encountering a virus more complex than initially thought, he said.
To read this article in full, please click here
|
|
Jul 27, 2018
When selecting VPN routers, small businesses want ones that support the VPN protocols they desire as well as ones that fit their budgets, are easy to use and have good documentation.
We looked at five different models from five different vendors: Cisco, D-Link, and DrayTek, Mikrotik and ZyXEL. Our evaluation called for setting up each unit and weighing the relative merits of their price, features and user-friendliness.
[ Learn who's developing quantum computers.]
Below is a quick summary of the results:
To read this article in full, please click here
(Insider Story)
|
|
May 22, 2018
There are many aspects to security on Linux systems - from setting up accounts to ensuring that legitimate users have no more privilege than they need to do their jobs. This is look at some of the most essential security commands for day-to-day work on Linux systems.
sudo
Running privileged commands with sudo - instead of switching user to root - is one essential good practice as it helps to ensure that you only use root privilege when needed and limits the impact of mistakes. Your access to the sudo command depends on settings in the /etc/sudoers and /etc/group files.
[ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ]
$ sudo adduser shark
Adding user `shark' ...
Adding new group `shark' (1007) ...
Adding new user `shark' (1007) with group `shark' ...
Creating home directory `/home/shark' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for shark
Enter the new value, or press ENTER for the default
Full Name []: shark
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y
If you run sudo and ask who you are, for example, you'll get confirmation that you're running the command as root.
To read this article in full, please click here
(Insider Story)
|
|
May 09, 2018
"I am all about useful tools. One of my mottos is 'the right tool for the right job.'" -Martha Stewart
If your "right job" involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren't working as they're supposed to, you've got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that's what we're here for; to help in your quest for the right tools.
[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
We've done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we've compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.
To read this article in full, please click here
(Insider Story)
|
|
Apr 24, 2018
Google's Android OS sometimes gets unfairly maligned as being weak on security. Computerworld blogger JR Raphael explains why that's a misconception and how users can keep their devices safe.
|
|
Apr 23, 2018
Spreading bad routing information to your neighbors on the internet isn't just bad manners, it could be bad for business.
That, at least, is the message that the Internet Society (ISOC) wants to spread, as it calls on internet exchange points (IXPs) to help eliminate the most common threats to the internet's routing system.
[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
If they do so, then it's good news for their members, the ISPs that interconnect there, and for those ISPs' customers, who will benefit from more secure and robust internet access.
To read this article in full, please click here
|
|
Apr 23, 2018
Not so long ago, the phrase "consumerization of IT" was on everyone's lips. Whole publications and conferences (remember CITE, for Consumerization of IT in the Enterprise?) were created to chronicle the trend of corporations relying on products and services originally created for consumers — which was often easier to use and of higher quality than its business-oriented competitors.
Well, no one talks much about the consumerization of IT anymore… not because the trend went away, but because consumer tech has now permeated every aspect of business technology. Today, it's just how things work — and if you ask me, that's a good thing.
To read this article in full, please click here
|
|
Apr 20, 2018
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Israel Barak, CISO at Cybereason, about his firm's recent honeypot research, which gathered information showing how the bot landscape is evolving.
|
|
Apr 18, 2018
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses.
|
|
Apr 12, 2018
Serverless computing is an emerging trend that is likely to explode in popularity this year. It takes the idea of a smaller server footprint to the next level. First, there were virtual machines, which ran a whole instance of an operating system. Then they were shrunk to containers, which only loaded the bare minimum of the OS required to run the app. This led to a smaller footprint.
Now we have "serverless" apps, which is a bit of a misnomer. They still run on a server; they just don't have a dedicated server, virtual machine, or container running 24/7. They run in a server instance until they complete their task, then shut down. It's the ultimate in small server footprint and reducing server load.
To read this article in full, please click here
|
|
Apr 10, 2018
Cisco has added new cloud and virtual deployment options for customers looking to buy into its Tetration Analytics security system.
Cisco's Tetration system gathers information from hardware and software sensors and analyzes it using big-data analytics and machine learning to offer IT managers a deeper understanding of their data center resources.
[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
Tetration can improve enterprise security monitoring, simplify operational reliability, give customers a single tool to collect consistent security telemetry across the entire data center and analyze large volumes of data in real time.
To read this article in full, please click here
|
|
Apr 10, 2018
IBM is widening its mainframe range with some narrower models - ZR1 and Rockhopper II - that are skinny enough to fit in a standard 19-inch rack, which will answer criticisms of potential customers that the hulking z14 introduced in July 2017 too big to fit in their data centers (see photo above).
In addition to new, smaller, packaging for its z14 hardware, IBM is also introducing Secure Service Container technology. This makes use of the z14's encryption accelerator and other security capabilities to protect containerized applications from unwanted interference.
[ Check out REVIEW: VMware's vSAN 6.6 and hear IDC's top 10 data center predictions . | Get regularly scheduled insights by signing up for Network World newsletters. ]
When IBM introduced the z14 last July, with an accelerator to make encrypting information standard practice in the data center, there was one problem: The mainframe's two-door cabinet was far too deep and too wide to fit in standard data center aisles.
To read this article in full, please click here
|
|
Apr 05, 2018
Traditional networking architectures over the past two decades or so prescribe that the hub of the network be build around a specific location, such as a data center or a company's headquarters building.
This location houses most of the equipment for compute, storage, communications, and security, and this is where enterprise applications are traditionally hosted. For people in branch and other remote locations, traffic is typically backhauled to this hub before going out to other locations, including to the cloud.
[ Don't miss customer reviews of top remote access tools. | Get daily insights by signing up for Network World newsletters. ]
To read this article in full, please click here
|
|
Apr 04, 2018
IoT security is about the farthest thing from a laughing matter in the world of technology today, threatening global trade, privacy and the basic infrastructure of modern society. So you could be forgiven for being taken aback that the newest defender of vulnerable systems against bad actors looks a little like Johnny 5 from the movie Short Circuit.
Researchers at Georgia Tech's School of Electrical and Computer Engineering rolled out the HoneyBot robot late last week. In essence, it's a canary in the digital coal mine, offering an early warning that someone is trying to compromise an organization's systems.
To read this article in full, please click here
|
|
Apr 04, 2018
"I am all about useful tools. One of my mottos is 'the right tool for the right job.'" -Martha Stewart
If your "right job" involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren't working as they're supposed to, you've got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that's what we're here for; to help in your quest for the right tools.
[ Don't miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]
We've done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we've compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.
To read this article in full, please click here
|
|
Mar 28, 2018
A new study from the Economist Intelligence Unit (EIU) shows that consumers around the world are deeply worried about in how their personal information is collected and shared by the Internet of Things (IoT). But let's be honest, the problem isn't that unsophisticated consumers are panicking for no reason. In fact, consumers are merely picking up on the very real inherent risks and uncertainties surrounding IoT data.
Businesses are also worried about IoT security
I'll get into the results and implications of the survey in a moment, but first I want to note that business and professionals are equally concerned. Perhaps that's why Gartner just predicted that IoT security spending will hit $1.5 billion by the end of the year, up 28 percent from 2017, and more than double to $3.1 billion by 2021.
To read this article in full, please click here
|
|
Mar 27, 2018
Internal tests from a leading industry vendor have shown that fixes applied to servers running Linux or Windows Server aren't as detrimental as initially thought, with many use cases seeing no impact at all.
The Meltdown and Spectre vulnerabilities, first documented in January, seemed like a nightmare for virtualized systems, but that is overblown. There are a lot of qualifiers, starting with what you are doing and what generation processor you are using.
The tests were done on servers running Xeons of the Haswell-EP (released in 2014), Broadwell-EP (released in 2016), and Skylake-EP (released in 2017). Haswell and Broadwell were the same microarchitecture, with minor tweaks. The big change there was Broadwell was a die shrink. Skylake, though, was a whole new architecture, and as it turns out, that made the difference.
To read this article in full, please click here
|
|
Mar 26, 2018
It was time to get a handle on BACnet traffic at Penn State.
BACnet is a communications protocol for building automation and control (BAC) systems such as heating, ventilating and air conditioning (HVAC), lighting, access control and fire detection. Penn State standardized on BACnet because of its openness.
[ For more on IoT see tips for securing IoT on your network, our list of the most powerful internet of things companies and learn about the industrial internet of things. | Get regularly scheduled insights by signing up for Network World newsletters. ]
"Any device, any manufacturer - as long as they talk BACnet, we can integrate them," says Tom Walker, system design specialist in the facility automation services group at Penn State. "It's a really neat protocol, but you have to know the quirks that come with deploying it, especially at scale."
To read this article in full, please click here
|
|
Mar 14, 2018
It's probably a good thing AMD didn't rub Intel's nose in the Meltdown and Spectre flaws too much because boy, would it have a doosy of a payback coming to it. A security firm in Israel has found 13 critical vulnerabilities spread across four separate classes that affect AMD's hot new Ryzen desktop and Epyc server processors.
However, the handling of the disclosure is getting a lot of attention, and none of it good. The company, CTS-Labs of Israel, gave AMD just 24 hours notice of its plans to disclose the vulnerabilities. Typically companies get 90 days to get their arms around a problem, and Google, which unearthed Meltdown, gave Intel six months.
To read this article in full, please click here
|
|
Mar 14, 2018
Remember this scene from the movie Shrek? The big ogre was explaining to Donkey that ogres are very complicated, and like onions, they have layers. Donkey, of course, didn't like the analogy because not everyone likes onions and would have preferred cake as everyone likes cake, but he did seem to understand that ogres did indeed have layers after it was explained to him.
Orges and onions have layers, but what else does? Or at least should?
Security for SD-WANs — but that may not seem obvious to everyone.
Also read: The case for securing the SD-WAN | Sign up: Get the latest tech news sent directly to your in-box
This week SD-WAN provider, Aryaka, which is now neck and neck with VeloCloud/VMware in market share, according to IHS Markit, announced Passport, a multi-layered security platform and ecosystem that provides best-of-breed security at every level of a software-defined WAN (SD-WAN).
To read this article in full, please click here
|
|
Mar 07, 2018
Intel just can't catch a break these days. Researchers at Ohio State University have found a way to use the Spectre design flaw to break into the SGX secure environment of an Intel CPU to steal information.
SGX stands for Software Guard eXtensions. It was first introduced in 2014 and is a mechanism that allows applications to put a ring around sections of memory that blocks other programs, the operating system, or even a hypervisor from accessing it.
To read this article in full, please click here
|
|
Mar 06, 2018
As we have seen, the Internet of Things will disrupt and change every industry and how actors within it do business. Along with new paradigms in services and products that one can offer due to the proliferation of IoT, come business risks as well as heightened security concerns - both physical and cyber. In our prior column, we spoke about this topic in the context of the Smart Electric Grid. Today we're taking a look at how IoT is disrupting the health care market and how we can take steps to secure it.
To read this article in full, please click here
|
|
Mar 05, 2018
As phishing attacks evolve, hackers are using customization and targeted scams to ensnare users. Asaf Cidon, vice president, email security services at Barracuda, talks with host Steve Ragan about the ever-changing cat-and-mouse game of phishing.
|
|
Feb 28, 2018
A flaw in the implementation of the UDP protocol for Memcached servers can allow anyone to launch a massive Distributed Denial of Service (DDoS) attack with little effort.
The problem was first discovered by the 0kee Team from China, which published a paper about it (pdf). This past week, security researchers at content delivery network (CDN) specialist Cloudflare also wrote about the issue. And CDN specialist Akamai and security provider Arbor Networks recently published their findings.
To read this article in full, please click here
|
|
Feb 27, 2018
With the General Data Protection Regulation (GDPR) deadline fast approaching, host Steve Ragan explores the implications of noncompliance for companies -- and possible penalties -- with Greg Reber, founder/CEO of AsTech Consulting.
|
|
Feb 22, 2018
Performance is critical when evaluating data center intrusion-prevention systems (DCIPS), which face significantly higher traffic volumes than traditional IPSes.
A typical IPS is deployed at the corporate network perimeter to protect end-user activity, while a DCIPS sits inline, inside the data center perimeter, to protect data-center servers and the applications that run on them. That requires a DCIPS to keep pace with traffic from potentially hundreds of thousands of users who are accessing large applications in a server farm, says NSS Labs, which recently tested five DCIPS products in the areas of security, performance and total cost of ownership.
To read this article in full, please click here
|
|
Feb 20, 2018
As pretty much everyone knows, the Internet of Things (IoT) hype has been going strong for a few years now. I've done my part, no doubt, covering the technology extensively for the past 9 months. As vendors and users all scramble to cash in, it often seems like nothing can stop the rise IoT.
Maybe not, but there have been rumblings of a backlash to the rise of IoT for several years. Consumer and experts worry that the IoT may not easily fulfill its heavily hyped promise, or that it will turn out to be more cumbersome than anticipated, allow serious security issues, and compromise our privacy.
To read this article in full, please click here
|
|
Feb 19, 2018
Robert Gibbons, CTO at Datto, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.
|
|
Feb 12, 2018
Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the world.
|
|
Feb 09, 2018
Judging by all the media attention that The Internet of Things (or IoT) gets these days, you would think that the world was firmly in the grip of a physical and digital transformation. The truth, though, is that we all are still in the early days of the IoT.
The analyst firm Gartner, for example, puts the number of Internet connected "things" at just 8.4 billion in 2017 - counting both consumer and business applications. That's a big number, yes, but much smaller number than the "50 billion devices" or "hundreds of billions of devices" figures that get bandied about in the press.
To read this article in full, please click here
(Insider Story)
|
|
Feb 09, 2018
Judging by all the media attention that The Internet of Things (or IoT) gets these days, you would think that the world was firmly in the grip of a physical and digital transformation. The truth, though, is that we all are still in the early days of the IoT.
The analyst firm Gartner, for example, puts the number of Internet connected "things" at just 8.4 billion in 2017 - counting both consumer and business applications. That's a big number, yes, but much smaller number than the "50 billion devices" or "hundreds of billions of devices" figures that get bandied about in the press.
To read this article in full, please click here
(Insider Story)
|
|
Feb 08, 2018
It was inevitable. Once Google published its findings for the Meltdown and Spectre vulnerabilities in CPUs, the bad guys used that as a roadmap to create their malware. And so far, researchers have found more than 130 malware samples designed to exploit Spectre and Meltdown.
If there is any good news, it's that the majority of the samples appear to be in the testing phase, according to antivirus testing firm AV-TEST, or are based on proof-of-concept software created by security researchers. Still, the number is rising fast.
To read this article in full, please click here
|
|
Feb 06, 2018
What is it about the Spectre and Meltdown attacks that scared everyone so much? Host Steve Ragan and J.M. Porup talk through the impact of these hardware flaws.
|
|
Feb 02, 2018
Comeback kid AMD announced on its quarterly earnings call that it intends to have a silicon fix for the variant 2 of the Spectre exploit, the only one of the Meltdown and Spectre exploits it's vulnerable to, by 2019 with its new Zen 2 core.
The company also said it will ramp up GPU card production to meet the insane demand these days thanks to cryptominers, although it said the biggest challenge will be to find enough memory to make the cards.
Also read: Meltdown and Spectre: How much are ARM and AMD exposed?
It's hard to believe that in 2018 we are seeing such shortages in computing hardware, but there you have it.
To read this article in full, please click here
|
|
Feb 02, 2018
NordVPN promises a private and fast path through the public internet, with no logs and unmetered access for 6 simultaneous devices. They are currently running a promotion, but you'll have to use this link to find it. Its typical price has been discounted to $99 for 3 years of service. That's a good deal at just $2.75 per month. See the $2.75/month NordVPN holiday deal here.
To read this article in full, please click here
|
|
Feb 01, 2018
If portions of enterprise data-center networks have no need to communicate directly with the internet, then why do we configure routers so every system on the network winds up with internet access by default?
Part of the reason is that many enterprises use an internet perimeter firewall performing port address translation (PAT) with a default policy that allows access the internet, a solution that leaves open a possible path by which attackers can breach security.
Also on Network World: IPv6 deployment guide; What is edge computing and how it's changing the network?
To read this article in full, please click here
(Insider Story)
|
|
Jan 31, 2018
You've probably already heard about the latest Internet of Things (IoT) security fiasco — coverage has gone far beyond the tech press into the mainstream TV news. In case you haven't been paying attention, though, here's the elevator pitch version:
Fitness network Strava publishes a global heatmap of where users are running and working out using its services, and folks just figured out that the map includes information that could reveal the locations of military forces working out in sensitive and sometimes secret locations. One expert worried that "tracking the timing of movements on bases could provide valuable information on patrol routes or where specific personnel are deployed."
To read this article in full, please click here
|
|
Jan 30, 2018
Microsegmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually. It's aimed at making network security more granular.
Microsegmentation vs. VLANs, firewalls and ACLs
Network segmentation isn't new. Companies have relied on firewalls, virtual local area networks (VLAN) and access control lists (ACL) for network segmentation for years. With microsegmentation, policies are applied to individual workloads for greater attack resistance.
To read this article in full, please click here
|
|
Jan 29, 2018
CSO senior editor Michael Nadeau joins host Steve Ragan to talk about predictions for 2018, including the looming GDPR compliance deadline.
|
|
Sep 18, 2017
Wi-Fi is one entry-point hackers can use to get into your network without setting foot inside your building because wireless is much more open to eavesdroppers than wired networks, which means you have to be more diligent about security.
But there's a lot more to Wi-Fi security than just setting a simple password. Investing time in learning about and applying enhanced security measures can go a long way toward better protecting your network. Here are six tips to betters secure your Wi-Fi network.
Use an inconspicuous network name (SSID)
The service set identifier (SSID) is one of the most basic Wi-Fi network settings. Though it doesn't seem like the network name could compromise security, it certainly can. Using a too common of a SSID, like "wireless" or the vendor's default name, can make it easier for someone to crack the personal mode of WPA or WPA2 security. This is because the encryption algorithm incorporates the SSID, and password cracking dictionaries used by hackers are preloaded with common and default SSIDs. Using one of those just makes the hacker's job easier.
To read this article in full, please click here
|
|
Aug 31, 2017
Much work still must be done before the industrial and municipal Internet of Things (IoT) becomes widely adopted outside of the circle of innovators. One field, privacy, well understood by the public and private sector in the context of the cloud, PCs and mobile, is in the early stage of adaptation for the IoT.
The sheer volume of data that will be collected and the new more granular architecture of the IoT present new privacy concerns that need to be resolved on an equal scale as the platform's forecasted growth.
A demonstration of this new aspect of privacy and compliance is the Privacy Guidelines for Internet of Things: Cheat Sheet, Technical Report (pdf) by Charith Perera, researcher at the Newcastle University in the U.K. The nine-page report details 30 points about implementing strong privacy protections. This report is summarized below.
To read this article in full, please click here
|
|
Jul 17, 2017
On Unix systems, random numbers are generated in a number of ways and random data can serve many purposes. From simple commands to fairly complex processes, the question "How random is random?" is worth asking.
EZ random numbers
If all you need is a casual list of random numbers, the RANDOM variable is an easy choice. Type "echo $RANDOM" and you'll get a number between 0 and 32,767 (the largest number that two bytes can hold).
$ echo $RANDOM
29366
Of course, this process is actually providing a "pseudo-random" number. As anyone who thinks about random numbers very often might tell you, numbers generated by a program have a limitation. Programs follow carefully crafted steps, and those steps aren't even close to being truly random. You can increase the randomness of RANDOM's value by seeding it (i.e., setting the variable to some initial value). Some just use the current process ID (via $$) for that. Note that for any particular starting point, the subsequent values that $RANDOM provides are quite predictable.
To read this article in full, please click here
|
|
May 25, 2017
Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users' passwords will all have twelve or more characters. Let's stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.
First, if you haven't done this already, install the password quality checking library with this command:
apt-get -y install libpam-pwquality
The files that contain most of the settings we're going to look at will be:
To read this article in full, please click here
|
|
May 24, 2017
If your website, in common with roughly 25% of all websites, is running WordPress then it's pretty much certain that it's being constantly attacked. WordPress is to hackers what raw meat is to jackals because unless sites are assiduously maintained, they quickly become vulnerable to a huge number of exploits.
The root cause of this vulnerability is WordPress' ecosystem of complex core software augmented by thousands of third party developers whose themes and plugins are often buggy and not quickly (or often, never) updated to fend off known security problems. Add to that many site owners being slow to update their core WordPress installation and you have an enormous and easily discovered collection of irresistible hacking targets.
To read this article in full, please click here
|
|
May 15, 2017
Your business is hit with a ransomware attack. Or your ecommerce site crashes. Your legacy system stops working. Or maybe your latest software release has a major bug. These are just some of the problems that ecommerce, technology and other companies experience at one time or another.
The issue is not if a problem - or crisis - occurs, but how your company handles it when it does. Manage the problem poorly, you risk losing customers, or worse. Handle a crisis promptly and professionally, you can fend off a public relations disaster and might even gain new customers.
So what steps can businesses take to mitigate and effectively manage an IT-related crisis? Here are eight suggestions.
To read this article in full, please click here
|
|
May 15, 2017
What is incident response?Image by Thinkstock
Incident response is like investigating a real burglary. You look for evidence of the intruder at the crime scene, find his targets and his getaway car, and repair any holes. Discover any cuts in your chain link fence. Take a few steps back for more perspective. Find the intruder's targets. What assets are near the compromised fence? Investigate in both directions to find the intruder's target and getaway car. Fix the fence. Resolve any issues and patch vulnerabilities.
To read this article in full, please click here
|
|
May 01, 2017
Managing the health of the corporate network will directly affect the productivity of every user of that network. So network administrators need a robust network monitoring tool that helps them manage the network, identify problems before they cause downtime, and quickly resolve issues when something goes wrong.
Five of the top network monitoring products on the market, according to users in the IT Central Station community, are CA Unified Infrastructure Management, SevOne, Microsoft System Center Operations Manager (SCOM), SolarWinds Network Performance Monitor (NPM), and CA Spectrum.
To read this article in full, please click here
(Insider Story)
|
|
Apr 27, 2017
The overall equation is pretty simple: If you want to understand network traffic, you really should install Wireshark. And, if you really want to use Wireshark effectively, you should consider this book. Already in its third edition, Practical Packet Analysis both explains how Wireshark works and provides expert guidance on how you can use the tool to solve real-world network problems.
Yes, there are other packet analyzers, but Wireshark is one of the best, works on Windows, Mac, and Linux, and is free and open source. And, yes, there are other books, but this one focuses both on understanding the tool and using it to address the kind of problems that you're likely to encounter.
To read this article in full, please click here
|
|
Apr 10, 2017
New and innovative security tools seem to be emerging all the time, but the frontline defense for just about every network in operation today remains the trusty firewall. They aren't perfect, but if configured correctly and working as intended, firewalls can do a solid job of blocking threats from entering a network, while restricting unauthorized traffic from leaving.
The problem network administrators face is that as their networks grow, so do the number of firewalls. Large enterprises can find themselves with hundreds or thousands, a mix of old, new and next-gen models, probably from multiple vendors -- sometimes accidentally working against each other. For admins trying to configure firewall rules, the task can quickly become unmanageable.
To read this article in full, please click here
(Insider Story)
|
|
Mar 24, 2017
Canary's initial foray into the networked home security camera space was very impressive - my colleague David Newman touted its high security settings in the wake of revelations about the general insecurity of these types of devices. The Canary camera was also somewhat large - a cylindrical tower that took up some significant space on your desk, cabinet or shelf.
The latest camera the company sent me is the Canary Flex, a much smaller unit meant to be more flexible (hence the name) in terms of placement, but also in power options. Like the Arlo Pro camera, the Canary Flex is powered by an internal battery (it's charged via USB cable and power adapter). This means you can move the Flex to a location inside or outside your home where there's no power outlet. The Flex comes with wall mounting screws and a 360-degree magnetic stand so you can position the camera in different spots. Additional accessories, such as a plant mount or twist mount (pictured below), offer even more location choices.
To read this article in full, please click here
|
|
Mar 13, 2017
Email encryption products have made major strides since we last looked at them nearly two years ago. They have gotten easier to use and deploy, thanks to a combination of user interface and encryption key management improvements, and are at the point where encryption can almost be called effortless on the part of the end user.
Our biggest criticism in 2015 was that the products couldn't cover multiple use cases, such as when a user switches from reading emails on their smartphone to moving to a webmailer to composing messages on their Outlook desktop client. Fortunately, the products are all doing a better job handling multi-modal email.
To read this article in full, please click here
(Insider Story)
|
|
Mar 06, 2017
Almost every cybersecurity program these days does some sort of scanning, sandboxing or traffic examination to look for anomalies that might indicate the presence of malware. We've even reviewed dedicated threat-hunting tools that ferret out malware that's already active inside a network.
However, what if there were a different way to approach security? Instead of searching for behaviors that might indicate a threat, what if you could define everything that is allowed within a network? If every process, application and workflow needed to conduct business could be defined, then by default everything outside of those definitions could be flagged as illegal. At the very least, critical programs could be identified and all interactions with them could be tightly defined and monitored. It's a different way of looking at security, called segmentation.
To read this article in full, please click here
(Insider Story)
|
|
Feb 21, 2017
Open source is a wonderful thing. A significant chunk of today's enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that's changing.
If you haven't been looking to open source to help address your security needs, it's a shame—you're missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine.
To read this article in full, please click here
|
|
