Articles about Firewall

Face Palm D'oh from Shutterstock

Please don't upgrade NSX just now, says VMware

VMware is advising users of its NSX network virtualisation not to upgrade it to the version 6.2.3 released in early June. The update addressed CVE-2016-2079, a vulnerability that allows remote attackers to obtain sensitive information. In other words, just the kind of thing you probably want to patch, not least because NSX is …
Simon Sharwood, 22 Jul 2016

Microsoft to rip up P2P Skype, killing native Mac, Linux apps

In the same month Microsoft announced its alpha WebRTC-based Skype for Linux client, Redmond has put that native app and the native OS X Skype client on an end-of-life list. This is because Skype is being rebuilt to replace its peer-to-peer architecture with cloud-centric code that supports Windows, iOS, Android and web …

Carbon Black snaps up cloud-dwelling threat-sniffing 'next-gen AV'

Endpoint security firm Carbon Black has bought "next-generation antivirus" firm Confer. Financial terms of the deal, announced today, were undisclosed. Carbon Black plans to re-badge Confer’s security software as “Cb Defense” and offer it alongside its existing roster of application control, incident response, and threat …
John Leyden, 19 Jul 2016
Barracuda_cloud_sea

Barracuda picks teeth after chowing down on cloud market

Revenues grew 11 per cent year-over-year to $86.7m in Barracuda’s first fiscal 2017 quarter, confirming its return to growth. Net income was $2.8m. Recurring subscription revenue grew to $65.3m, up 20 per cent from $54.3m in the year-ago quarter and 75 per cent of total revenue. Appliance revenue though, was down, at $21.3m, …
Chris Mellor, 08 Jul 2016
Image: Serazetdinov http://www.shutterstock.com/fr/pic-114819721/stock-vector-illustration-of-a-strong-blast-of-brain.html

Zero-interaction remote wormable hijack hole blasts Symantec kit

Scores (or thousands, or millions) of enterprise and home Symantec users are open to remote compromise through multiple now-patched (where possible) wormable remote code execution holes described by Google as 'as bad as it gets'. The flaws are "100 percent" reliable against Symantec's Norton Antivirus and Endpoint according to …
Darren Pauli, 29 Jun 2016
Big cloud, image via Shutterstock

Juniper preps global policy manager for OpenContrail

Juniper Networks seems to have big plans for its OpenContrail SDN controller: it would like to see it act as a kind of “meta-controller” for multiple cloud and data centre controllers. It's quietly pushed up the first code of what is, for now, dubbed “project Ukai” at Github. The alpha-level code has two top-line aims: to run …
band_aid_648

Cisco firmware patch lands

Cisco has pushed out firmware for its RV-series wireless routers to patch last week's vulnerability. The HTTP sanitization bug affected the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. The flaw let a remote attacker run commands as root. The …

'Nobody cares about your heart-rate'

With CrowdStrike kicking off its Australian office, the company's freshly-minted VP of technology strategy, Michael Sentonas, took time out for a chat to Vulture South. We started the discussion looking at security in the Internet of Things market, where Sentonas says “I look at it and say 'what a disaster'.” The industry, he …
Enter your password by https://www.flickr.com/photos/49889874@N05/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

GitHub presses big red password reset button after third-party breach

GitHub has reset the passwords of users targeted in an attack this week that relied on using stolen credentials from a breach at a third party site. The software repository itself has not suffered a breach. Hackers behind the assault were trying to break into the accounts of users who had inadvisedly used the same login …
John Leyden, 16 Jun 2016

SOHOpeless Cisco wireless kit needs critical patch

A range of SOHO-targeted network kit from Cisco, pitched as “highly secure”, isn't. Switchzilla has just issued a critical patch for three devices in its RV range: the RV110W 802.11N VPN/firewall; and the RV130 and RV125 802.11n VPN routers. The bug lets a remote attacker send crafted HTTP requests and execute code as root. …
Chinese fence

Millions of 'must be firewalled' services are open to the entire internet – research

Millions of services that ought to be restricted are exposed on the open internet, creating a huge risk of hacker attack against databases and more. Infosec firm Rapid7’s researchers took a close look at the millions and millions of individual services that live on the public IP network, one of the most fundamental components …
John Leyden, 08 Jun 2016

Juniper: Yes, IPv6 ping-of-death hits Junos OS, too

That IPv6 neighbour packet discovery bug Cisco warned about last week? Juniper has just followed Switchzilla by warning it has the same problem. When Cisco announced the vuln, it said other IPv6 implementations would also be at risk. The Gin Palace agrees: CVE-2016-1409 is an issue for anybody running Junos OS. The advisory …

It's been a breach-tastic year. And Sophos sales were good, apparently

Operating losses at security software firm Sophos have grown in its first year as a listed company – despite increased sales and an encouraging outlook overall. For the year-ending 31 March 2016, Sophos recorded an operating loss of $32.7 million on revenues of $478.2m. This compares to a loss of $0.5m on revenues of $446.7m …
John Leyden, 26 May 2016

Great Wall of Minecraft

China has allowed Minecraft behind the Great Firewall after signing a deal with an outfit called NetEase that gives it exclusive rights to handle the game in the Middle Kingdom. NetEase will use a Chinese subsidiary to distribute the game locally. Minecraft's maker Mojang says "a version of Minecraft tailored for the Chinese …
Simon Sharwood, 23 May 2016

What's holding up Canada's internet?

Sysadmin Blog Canadian internet providers are frequently bemoaned as terrible. Americans get lots of media play about getting the sharp end of the stick from their providers, but many Canadians look longingly at the internet packages south of the border and wonder: what's the holdup in Canada? While Canadians usually like to fool ourselves …
Trevor Pott, 19 May 2016
computer_room_channel meeting programme

Cloudy desktops are as mature as cloudy servers … from 2008!

Desktop-as-a-service in 2016 is about as mature as infrastructure-as-a-service was in 2008, so waiting until it matures is more sensible than diving in now. So says Garter for Technical Professionals' analyst Mark Lockwood, who The Register's virtualisation desk beheld yesterday at the firm's Infrastructure Operations & Data …
Simon Sharwood, 17 May 2016
Great Wall of China by https://www.flickr.com/photos/matt512/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

China's new rules may break the internet warns US government

The Chinese government could fragment the internet if it pursues new registration rules for online addresses, the US government has warned. The warning by assistant commerce secretary Larry Strickling and state department ambassador Daniel Sepulveda comes in response to a decision by the Chinese government in March to require …
Kieren McCarthy, 16 May 2016
China

Sino the times: MSN to pull Chinese portal

Microsoft's MSN China portal will farewell the Internet in June of this year, signalling a further withdrawal of the country's content presence in the Middle Kingdom. The decision was first reported in Chinese media, according to Nikkei, with Redmond to pay more attention to hosting, Windows 10, and its R&D operation. The …
Man with head in the cloud

VMware hikes NSX price, adds cheaper versions

VMware has taken the scissors to its NSX product's feature list to offer versions that won't set back customers quite as much as the full product, at the same time hiking the price of the top version of the product. Pitched at companies that want to create software defined data centres, NSX slips networking and security into …

Do you know where your trade secrets are?

Information security (infosec) is no longer a nice-to-have. It is a matter of corporate survival. Even the smallest company can be weakened by the simple loss of a customer list, ruined by the fallout from the loss of protected customer information. There's a lot more to infosec than merely hunkering down behind a firewall. As …
Trevor Pott, 03 May 2016

Vixie on net security woes

The solution to the planet's endless online security problems is to quit adding more technology to the mix. That's according to the CEO of Farsight Security and one of the internet's early pioneers, Paul Vixie, who has written a blog post telling people to "stop trafficking in black boxes and magical thinking." The problem, …
Kieren McCarthy, 03 May 2016

Chomp! Barracuda gets its bite back after turning a profit again

The sum of $83.7m exceeded Barracuda’s revenue estimates for its fourth fiscal 2016 quarter, ended Feb 29, 2016. It was a 16 per cent rise year-on-year and a 4.5 per cent rise quarter-on-quarter. There was a $3.2m net profit, pleasing after five straight loss-making quarters. The full year revenue number was $320.2m, 15.4 per …
Chris Mellor, 28 Apr 2016

Meet the malware that screwed a Bangladeshi bank out of $81m

February's hack against Bangladesh's central bank that netted $81m in diverted funds is one of the biggest cyber heists of all time. Now researchers think they've found the malware that did it. A sample of the software nasty was obtained by researchers at defense contractors BAE Systems. The malware appears to have been custom …
Iain Thomson, 25 Apr 2016
United nations flag by https://www.flickr.com/photos/sanjit/ cc 2.0 attribution https://creativecommons.org/licenses/by/2.0/

Secret UN report finds WIPO chief 'broke procurement rules'

The secret UN report into the behaviour of WIPO boss Francis Gurry has found him guilty of “conduct... inconsistent with the standards expected of a staff member of the World Intellectual Property Organisation.” The chair of WIPO's General Assembly Colombian ambassador Gabriel Duque is still refusing to release the full report …
John Oates, 25 Apr 2016

Sysadmin given Licence To Perve shows why you always get it in writing

On-call Welcome again to On-Call, our Friday fun in which readers send in their stories of being asked to do odd things around the office. This week, reader “Logan” who once worked for an outsourcer shared the story of a colleague tasked with checking a client's smut filter was in proper working order. “The job was to upgrade the …
Simon Sharwood, 22 Apr 2016

Check Point chugs on: Profits and revenues up despite volatile market

Check Point’s share price has dipped a touch after the firm reported lacklustre Q1 financial results. During the first quarter ending 31 March 2016, Check Point’s total revenues came in at $404m, compared to $373m in the first quarter of 2015, a nine per cent increase year-on-year. Its GAAP net income rose, albeit modestly. …
John Leyden, 21 Apr 2016
Daisywheel with Courier font

IBM expands Ustream

I stream, you stream, so IBM's upgrading Ustream. Big Blue's adding content delivery chops to its Ustream suite, which it acquired in January 2016. The Ustream eCDN (enterprise content distribution network) software is designed to sit behind the firewall, handling the caching and on-network distribution of video from a single …
Google faces antitrust charges in the European Union

So you’d sod off to China to escape the EU, Google? Really?

Analysis Google structures its entire organisation to avoid privacy laws, minimise taxes and de-risk itself from competition oversight*. Today Google’s European supremo hinted that being in China might be less of a hassle, and that losing Google would serve us Europeans right for being so backward. Of course, it’s a sheer coincidence …
Andrew Orlowski, 19 Apr 2016

Defence in depth: Don't let your firm's security become a boondoggle

Information security (infosec) isn’t a game for amateurs. No one solution will do. Proper information security requires defence in depth: layers of technologies, techniques, best practices and incident response woven together into the tapestry of everyday operations. Unfortunately, hiring professionals is no guarantee that …
Trevor Pott, 15 Apr 2016

Ruckus: A strong buy for Brocade, but leaves Juniper isolated again

Comment Pity poor Juniper. The networking company’s alliance with Ruckus Wireless last summer raised hopes that it would strike it third time lucky in the Wi-Fi market, filling the gaping wireless gap in its platform. Now Brocade has snatched carrier Wi-Fi leader Ruckus from under its rival’s nose with a $1.2bn acquisition. It's the …
Wireless Watch, 13 Apr 2016

SANS man lists five security things you're not doing but should

SANS Institute dean of research and head of the SANS Internet Storm Center (ISC) Johannes Ullrich has given systems admins some some light weekend reading with a list of five neglected security controls that "nobody implements". Ullrich reckons that if put these controls in place your security posture will improve and things …
Darren Pauli, 08 Apr 2016

China's Great Firewall inventor forced to use VPN live on stage to dodge his own creation

The architect of China's Great Firewall was forced to use a VPN to bypass his own creation in a lecture this week on internet safety. Fang Binxing was speaking at his old university, the Harbin Institute of Technology in Heilongjiang, China, when he attempted to access webpages hosted in South Korea as a way to illustrate a …
Kieren McCarthy, 07 Apr 2016
Man gesticulates furiously in front of parked car. Photo by Shutterstock

Neighbour sick of you parking in his driveway? You'd better hack-proof your car

Car security startup Karamba Security has emerged from stealth with $2.5m in funding and a plan to revamp in-car security. Karamba has developed a technology that hardens the externally-facing electronic control unit (ECU) of cars in order to defend against hack attacks. The software is designed to protect a car's externally …
John Leyden, 07 Apr 2016
Cloudy sky

Microsoft hopes to shine light on shadow IT

The first fruits of Microsoft's 2015 acquisition of Adallom are ripening with Redmond announcing its Cloud App Security offering is now generally available. The idea of Cloud App Security is to cover off the data loss danger in “shadow IT” – the use of cloud apps that people have contracted using the departmental credit card, …

Google reveals own security regime policy trusts no network, anywhere, ever

Google sees little distinction between board rooms and bars, cubicles and coffee shops; all are untrusted under its perimeter-less security model detailed in a paper published this week. The "BeyondCorp model" under development for more than five years is a zero-trust network model where the user is king and log in location …
Darren Pauli, 06 Apr 2016

China enacts 'real name policy' for internet addresses

China has enacted its own version of Facebook's "real name policy" for the registration of internet addresses. Under renewed rules covering companies that are allowed to sell domain names and run top-level domains in China, there is now a requirement for those companies to introduce the capability for "real name verification …
Kieren McCarthy, 01 Apr 2016

US Marine Corps launches hacker support unit

The United States Marine Corps has launched a hacking support unit. The Marine Corps Cyberspace Warfare Group (MCCYWG) is already functioning with a small contingency of staff and will ramp up with full operational capacity expected next year. It will support the US Marine Corps Forces Cyberspace (MARFORCYBER) established …
Darren Pauli, 31 Mar 2016
Cat in a box, image via Shutterstock

Oracle traps its cloud inside own tin boxes

Oracle is throwing one stone at two birds troubling its business: cloud and falling server sales. That stone: cloud in a box. The database giant has announced Oracle Cloud at Customer, a package of its publicly available, but relatively unwanted cloud software - in its reciprocally related servers. The stone has a name: …
Gavin Clarke, 24 Mar 2016

Okay IT pros, change happens. But here's your Reg guide to staying in control

When I started my IT career, the organisations I worked with didn't really do formal change management. And that wasn't really a problem: either they were small enough for it not to matter (we just told the handful of users: “We're about to upgrade X”), or the departments I worked in were sufficiently small and autonomous that …
Dave Cartwright, 23 Mar 2016

Cloud security harder than 'encrypt everything'

Australia's wildly-enthusiastic adoption of cloud computing is providing the rest of the world a crucible in which a host of security challenges can be cultured, according to F5 security researcher David Holmes. Speaking to The Register's networking desk while visiting the antipodes, Holmes said that “Australia is becoming the …

Buhtrap hacks whack Russian bank chaps; phish bait works great

Russian malware writers have scored at least US$25.7 million (£17.8 million, A$33.6 million) in raids against banks in their home country, intelligence firm Group IB says. The "Buhtrap" group has since 2014 used simple but coordinated attacks to target Russian banks directly and with devastating effectiveness. It is the first …
Darren Pauli, 18 Mar 2016

Juniper starts waving fixes for DROWN vuln

Juniper Networks has identified products it says are vulnerable to the DROWN attack. DROWN turned up at the end of February, and is a relic of enduring but pointless support for the long-deprecated SSLv2 protocol. The most prominent exposure to DROWN is in web sites that weren't configured to refuse attempts at SSLv2 …
dumb_and_dumber_648

Like masochism? Run a PC? These VXers want to help you pwn yourself

Masochistic Windows users have been given a helping hand from hackers, in the form of step-by-step instructions on how to get their PCs infected with malware. A recent malware-slinging banking trojan campaign targeting Germany last week comes with explicit instructions for the recipients describing how to get their computers …
John Leyden, 14 Mar 2016
A Cisco ASIC

Cisco plans routers that are servers, or vice-versa, with KVM aboard

Cisco will shortly announce enhancements to its integrated service routers that will make it hard to know if they're a networking appliance or a server. Or a hybrid of both. Cisco already offers the UCS E-series servers, small form factor machines that can plug into devices like the 4000-series integrated service routers. …
Simon Sharwood, 09 Mar 2016
Telstra phone booth by Ed Dunens from Flickr https://www.flickr.com/photos/blachswan/

Telstra strides into enterprise SDN with VPNs, dynamic WANs

Australia's dominant carrier Telstra has sniffed the software-defined winds and decided to label some services as software-defined networking (SDN), with Cisco's help. There's nothing startling about the carrier's initial three services, the first of which is a vanilla virtual private network that can connect physical …
Simon Sharwood, 08 Mar 2016
cable

People don't want big OpenFlow deployments, so let's do small ones

OpenFlow looks like it has all the hallmarks of inevitable success: it fits into a broad stack of open networking protocols, it has lots of vendor support, it's backed by the Linux Foundation, and it's been under development since 2009. All that remains is users, which are rather hard to find. Might that change if the project …

US Congressman calls WIPO 'the FIFA of UN agencies' at hearing

The US House Foreign Affairs joint sub-committee in Washington heard evidence of continued bizarre and allegedly illegal behaviour by Francis Gurry, the boss of the UN's patent body. The Committee promised yesterday to take action to demand reform of the World Intellectual Property Organisation (WIPO) and push for publication …
John Oates, 25 Feb 2016
Man in an orange jumpsuit clutches prison bars. Image by Shutterstock

IT boss gets 30 months of porridge for trashing ex-employer's servers

A rogue IT manager has been sentenced to 30 months in prison after he changed jobs and decided to take revenge on his former employer. From 2007 to March 2012, Nikhil Nilesh Shah, 33, worked at mobile apps developer Smart Online in North Carolina, US. After moving on to another job, Shah accessed his old company's servers …
Iain Thomson, 24 Feb 2016

Let's talk over Wi-Fi, says Oracle to folks who don't know Skype exists

MWC16 Oracle's parked its yacht near Barcelona and fired off the usual broadsides of product announcements that accompanies a major conference like Mobile World Congress. Mobile operators in need of a Wi-Fi gateway can throw their hats into the air with the launch of the Oracle Communications Mobile Security Gateway. The gateway's …
fail

Comodo's 'security' kit installed a lame VNC server on PCs on the sly

Google's Project Zero has found yet another blunder in Comodo's internet "security" software – a VNC server enabled by default with a predictable password. Earlier this month, Googler Tavis Ormandy pointed out that Comodo's custom web browser, dubbed Chromodo, was about as unsafe as a lace condom thanks to terrible security …
Iain Thomson, 18 Feb 2016