Your Data Is a Strategic Asset – Treat It That Way!

Improving data backup and recovery was the second most commonly cited IT priority for 2015 among respondents surveyed by ESG for its 2015 IT spending intentions report (see Figure 1).

What Happens to RSA?

While last week’s Dell/EMC merger was certainly a blockbuster, nothing specific was mentioned about future plans for RSA Security. Michael Dell did say that there were a “number of discussions about security” during the negotiations, but apparently there are no concrete plans yet. Infosec reporters have lobbed phone calls into Round Rock, Texas, as well as Bedford and Hopkinton, MA, looking for more details, but Dell and EMC officials haven’t responded.

5 Reasons To Upgrade Your Network Switch

Campus network switches aren’t updated as frequently as data center switches, but there are some compelling reasons why it may be worthwhile to upgrade now and not wait until the end of a regular refresh cycle. Practically speaking, campus networking is wireless networking, and there are more devices connecting to the network. More devices mean more bandwidth requirements, and it’s hard to figure out what BYOD devices are going to be doing, whether it’s just plain download bandwidth, a time critical application like VoIP, or a sudden surge like Apple iOS version updates. And once end-users are tied to a new way of using devices, network teams are often forced to adapt. BYOD not only means bring your own devices, but adds, “because you’re overly demanding”.

Signature Update #2547

129 new signatures:

  • [HIGH] HTTP: Blackhole Exploit Kit Landing Page Requested
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 11
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 10
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 9
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 8
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 12
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 7
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 6
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 5
  • [HIGH] HTTP: Bleeding Life Exploit Kit Module Call 2
  • [HIGH] HTTP: Phoenix Exploit Kit Post Compromise Behavior
  • [HIGH] HTTP: Possible Exploit Kit Post Compromise StrReverse Activity
  • [HIGH] HTTP: Possible Exploit Kit Post Compromise Taskkill Activity
  • [HIGH] HTTP: SET Java Applet Load Attempt
  • [HIGH] HTTP: Fake Transaction Redirect Rage To Exploit Kit
  • [HIGH] HTTP: Suspicious Taskkill Script StrReverse
  • [HIGH] HTTP: Suspicious StrReverse Shell
  • [HIGH] HTTP: Suspicious StrReverse Scripting FileSystemObject
  • [HIGH] HTTP: Multiple Exploit Kit Info.exe Payload
  • [HIGH] HTTP: Multiple Exploit Kit calc.exe Payload Detection
  • [HIGH] HTTP: Multiple Exploit Kit about.exe Payload Detection
  • [HIGH] HTTP: Multiple Exploit Kit Readme.exe Payload
  • [HIGH] HTTP: Sweet Orange Exploit Kit Landing Page 3
  • [HIGH] HTTP: Sweet Orange Exploit Kit Landing Page 2
  • [HIGH] HTTP: Red Dot Landing Page 1
  • [HIGH] HTTP: Red Dot Executable Retrieval Attempt
  • [HIGH] HTTP: Embedded Iframe Redirection
  • [HIGH] HTTP: JDB Exploit Kit Landing Page 1
  • [HIGH] HTTP: JDB Exploit Kit Landing Page
  • [HIGH] HTTP: Zuponcic Exploit Kit Oracle Java File Download
  • [HIGH] HTTP: Multiple Exploit Kit Jar File Dropped
  • [HIGH] HTTP: Whitehole Exploit Kit Landing Page
  • [HIGH] HTTP: Styx Exploit Kit Landing Page 1
  • [HIGH] HTTP: Sweet Orange Exploit Kit Landing Page2
  • [HIGH] HTTP: Sweet Orange Exploit Kit Landing Page1
  • [HIGH] HTTP: Sweet-Orange Exploit Kit Landing Page
  • [HIGH] HTTP: Styx Exploit Kit Landing Page
  • [HIGH] HTTP: Styx Exploit Kit Redirection Page
  • [HIGH] HTTP: CritX Exploit Kit Redirection Page
  • [HIGH] HTTP: IFRAMEr Injection Detection
  • [HIGH] HTTP: Nuclear Exploit Kit Landing Page 1
  • [HIGH] HTTP: Private Exploit Kit Landing Page 4
  • [HIGH] HTTP: Private Exploit Kit Landing Page 3
  • [HIGH] HTTP: Private Exploit Kit Landing Page
  • [HIGH] HTTP: Private Exploit Kit Outbound Traffic
  • [HIGH] HTTP: Embedded Iframe Redirection Exploit Kit Indicator 2
  • [HIGH] HTTP: IFramer Toolkit Injected Iframe Detected Specific Structure
  • [HIGH] HTTP: Goon/Infinity Exploit Kit Iframe Redirection
  • [HIGH] HTTP: CritX Exploit Kit Java Exploit Request Structure 2
  • [HIGH] HTTP: Kore Exploit Kit Landing Page 3
  • [HIGH] HTTP: Kore Exploit Kit Landing Page
  • [HIGH] HTTP: Kore Exploit Kit Successful Java Exploit
  • [HIGH] HTTP: Gong Da Exploit Kit Landing Page 2
  • [HIGH] HTTP: Gong Da Exploit Kit Java Exploit Requested 1
  • [HIGH] HTTP: Gong Da Exploit Kit Java Exploit Requested
  • [HIGH] HTTP: IFRAMEr Tool Embedded Javascript Attack Method Specific Structure
  • [HIGH] HTTP: Multiple Exploit Kit Landing Page
  • [HIGH] HTTP: Multiple Exploit Kit Redirection Page
  • [HIGH] HTTP: Neutrino Exploit Kit Plugin Detection Page
  • [HIGH] HTTP: Blackholev2/Darkleech Exploit Kit Landing Page
  • [HIGH] HTTP: Kore Exploit Kit Outbound Payload Download Attempt
  • [HIGH] HTTP: Rmayana Exploit Kit Obfuscation Technique
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 1
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 9
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 8
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 7
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 6
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 5
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 4
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 3
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download
  • [HIGH] HTTP: Teletubbies Exploit Kit Exploit 2
  • [HIGH] HTTP: Teletubbies Exploit Kit Payload Download 2
  • [HIGH] HTTP: Multiple Exploit Kit Payload about.dll
  • [HIGH] HTTP: Multiple Exploit Kit Payload info.dll
  • [HIGH] HTTP: Multiple Exploit Kit Payload contacts.dll
  • [HIGH] HTTP: Multiple Exploit Kit Payload calc.dll
  • [HIGH] HTTP: Multiple Exploit Kit Payload readme.dll
  • [HIGH] HTTP: X2O Exploit Kit Landing Page 3
  • [HIGH] HTTP: X2O Exploit Kit Landing Page
  • [HIGH] HTTP: Embedded Iframe Redirection Exploit Kit Indicator 7
  • [HIGH] HTTP: Embed

SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List

Juniper Networks SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List as Firewalls and VPN devices. Certifications were with Junos 12.1X46.

The SRX1400, SRX3400, and SRX3600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package. The Security Target for these devices is located here. The Certification Report can be found here.

The SRX100-650 and the SRX5800 and the LN1000 and LN2600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package and the IPsec Gateway VPN Extended Package. The Security Target for these devices is located here. The Certification Report can be found here.

Listing on the NIAP PCL is required by Federal policy for many different cases. First, as the NIAP PCL webpage states: “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (https://www.cnss.gov/policies.html)”. CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification.

NIAP PCL listing is required by the DISA Security Technical Implementation Guides (STIGs) for many product categories. NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4, SA-4 (7) control.

Copyright © 1996-2013 Juniper Networks, Inc. All rights reserved.

Signature Update #2546

181 new signatures:

  • [HIGH] HTTP: Eleanore Exploit Kit Exploit Fetch Request
  • [HIGH] HTTP: Eleanore Exploit Kit PDF Exploit Page Request
  • [HIGH] HTTP: Eleanore Exploit Kit Post-exploit Page Request
  • [HIGH] HTTP: Crimepack Exploit Kit Control Panel Access
  • [HIGH] HTTP: Crimepack Exploit Kit Post-Exploit Download Request
  • [HIGH] HTTP: Crimepack Exploit Kit Malicious PDF Request
  • [HIGH] HTTP: Sakura Exploit Kit Rhino Jar Request
  • [HIGH] HTTP: Sakura Exploit Kit Logo Transfer
  • [HIGH] HTTP: Crimeboss Exploit Kit Outbound Connection
  • [HIGH] HTTP: Unknown Exploit Kit Redirection Page
  • [HIGH] HTTP: KaiXin Exploit Kit Attack Vector Attempt
  • [HIGH] HTTP: KaiXin Exploit Kit Attack Vector Attempt 1
  • [HIGH] HTTP: CritX Exploit Kit Possible Redirection Attempt
  • [HIGH] HTTP: CritX Exploit Kit Java Exploit Request Structure
  • [HIGH] HTTP: CritX Exploit Kit PDF Exploit Request Structure
  • [HIGH] HTTP: CritX Exploit Kit Portable Executable Request
  • [HIGH] HTTP: KaiXin Exploit Kit Java Class Download
  • [HIGH] HTTP: Sweet Orange Exploit Kit Landing Page 1
  • [HIGH] HTTP: Sweet Orange Exploit Kit Landing Page
  • [HIGH] HTTP: Nuclear Exploit Kit Landing Page Detected
  • [HIGH] HTTP: ProPack Exploit Kit Outbound Connection Attempt
  • [HIGH] HTTP: ProPack Exploit Kit Outbound Payload Request
  • [HIGH] HTTP: ProPack Exploit Kit Outbound Connection
  • [HIGH] HTTP: Java User-Agent Flowbit Set
  • [HIGH] HTTP: Sweet Orange Exploit Kit Landing Page Detection
  • [HIGH] HTTP: CritX exploit kit Java V6 Exploit Download
  • [HIGH] HTTP: CritX exploit kit Java V7 exploit download
  • [HIGH] HTTP: CritX exploit kit PDF Library Exploit Download
  • [HIGH] HTTP: Styx Exploit Kit Plugin Detection Connection
  • [HIGH] HTTP: Styx Exploit Kit Portable Executable Download Request
  • [HIGH] HTTP: Redkit Exploit Kit Redirection Attempt
  • [HIGH] HTTP: Redirect To Malicious Java Archive Aattempt
  • [HIGH] HTTP: Multiple Exploit Kit Malicious Jar Archive Download
  • [HIGH] HTTP: Multiple Exploit Kit contacts.exe Payload Detection
  • [HIGH] HTTP: Fiesta Exploit Kit Landing Page Detection
  • [HIGH] HTTP: CritX Exploit Kit Possible Plugin Detection Attempt
  • [HIGH] HTTP: CritX Exploit Kit Malicious PDF Retrieval
  • [HIGH] HTTP: CritX Exploit Kit Java V5 Exploit Download
  • [HIGH] HTTP: CritX Exploit Kit Malicious Payload Retrieval
  • [HIGH] HTTP: Unknown Exlpoit Kit Driveby Download Redirection
  • [HIGH] HTTP: Redkit Exploit Kit Landing Page 1
  • [HIGH] HTTP: Gong Da Exploit Kit Redirection Page Received
  • [HIGH] HTTP: Sibhost Exploit Kit
  • [HIGH] HTTP: Crimeboss Exploit Kit Stats Access
  • [HIGH] HTTP: Crimeboss Exploit Kit Java On
  • [HIGH] HTTP: Crimeboss Exploit Kit Java Exploit Download
  • [HIGH] HTTP: Crimeboss Exploit Kit Java Exploit Download 1
  • [HIGH] HTTP: Crimeboss Exploit Kit Portable Executable Download Attempt 1
  • [HIGH] HTTP: Crimeboss Exploit Kit Portable Executable Download Attempt 2
  • [HIGH] HTTP: Crimeboss Exploit Kit Stats Loaded
  • [HIGH] HTTP: Crimeboss Exploit Kit Portable Executable Download Attempt
  • [HIGH] HTTP: Crimeboss Exploit Kit Redirection Attempt
  • [HIGH] HTTP: Crimeboss Exploit Kit Setup
  • [HIGH] HTTP: Neutrino Exploit Kit Landing Page 1
  • [HIGH] HTTP: Neutrino Exploit Kit Landing Page 2
  • [HIGH] HTTP: Neutrino Exploit Kit Redirection Page 2
  • [HIGH] HTTP: Neutrino Exploit Kit Redirection Page
  • [HIGH] HTTP: Impact Exploit Kit Landing Page
  • [HIGH] HTTP: Unknown Exlpoit Downloads Oracle Java Jar file
  • [HIGH] HTTP: Sakura Exploit Kit Exploit Request
  • [HIGH] HTTP: Redkit Exploit Kit Landing Page Redirection 1
  • [HIGH] HTTP: Redkit Exploit Kit Java Exploit Delivery
  • [HIGH] HTTP: Redkit Exploit Kit Obfuscated Portable Executable
  • [HIGH] HTTP: Redkit Exploit Kit Landing Page Redirection
  • [HIGH] HTTP: Multiple Exploit Kit info.dll Payload Detection
  • [HIGH] HTTP: Multiple Exploit Kit Java Payload Detection
  • [HIGH] HTTP: Sakura Exploit Kit Redirection Structure
  • [HIGH] HTTP: Portable Executable Downloaded With Bad DOS Stub
  • [HIGH] HTTP: Multiple Exploit Kit Landing Page Specific Structure
  • [HIGH] HTTP: Stamp Exploit Kit Landing Page
  • [HIGH] HTTP: Sakura Exploit Kit Jar Download Detection
  • [HIGH] HTTP: Sakura Exploit Kit Landing Page Received
  • [HIGH] HTTP: Sakura Exploit Kit Pdf Download Detection
  • [HIGH] HTTP: IFramer Injection tool
  • [HIGH] HTTP: Unknown Exploit Kit Script Injection Attempt
  • [HIGH] HTTP: Impact Stamp Exploit Kit Landing Page 1
  • [HIGH] HTTP: Impact Stamp Exploit Kit Landing Page
  • [HIGH] HTTP: IFramer Inj

FireEye Myth and Reality

Some tech companies are always associated with their first acts. Dell just acquired my first employer, EMC Corporation, in order to expand its enterprise portfolio, yet the company will always be linked with personal computers and its founder’s dorm room. F5 has become a nexus that brings together networks and applications but will always retain the moniker of a load balancing company. Bit9 has established itself as a major next-generation endpoint player, yet some people can only think of its original focus on white listing.

Did Dell and EMC Just Simplify the Enterprise Mobility Strategic Decision Making Process?

The fact that major IT vendors are consolidating isn’t a surprise, given the feedback we hear from IT professionals about wanting to work with fewer vendors that can be more strategic to their business. The Dell/EMC acquisition also further validates that traditional IT consumption models are being disrupted, and that it is difficult to transform business models and/or continue to operate in a single proverbial IT silo. Some of this dynamic is due to a valid means of consuming IT services from public cloud providers, and the rest can be credited to IT being too complex for too long. While Dell and EMC will not position it as such, the acquisition is poised to capitalize on the fact that IT is slow and difficult to change. This fact is good for Dell/EMC, as they will continue to service this massive base even as businesses consume more services from the cloud.

Pentaho’s Three-Legged Race to Big Data (with HDS)

Pentaho World 2015 was held in sunny Orlando this year, with over 500 attendees, and was by all accounts a friendly and informative affair. About the only question no one could answer is why the company is called Pentaho, but a rose by any other name is still very nice. One thing that was quite clear is that the team is hitting its stride with HDS as a powerful running mate.

Amazon Workspaces Delivers Compelling Usage Scenarios

I use Amazon Workspaces on my iPad Mini and have been impressed with its usability. While I admit that it is not my primary workspace, it works great for when I am using my iPad and need to get something done in a Windows environment. If I could use a mouse with the workspace like you can with Citrix Receiver, then I would significantly increase my usage of the environment.

Hybrid Clouds and Cybersecurity Front and Center at AWS re:Invent

The contrast of the DJ music pumping out bass lines and drum beats over hits from the 70s was quite apropos for the mix of hipster and middle-aged attendees at last week’s AWS re:Invent, where the word of the week was hybrid. This year’s AWS re:Invent show had a decidedly different feel to it, one of enterprise IT. AWS holds an enviable position as the leading provider of infrastructure-as-a-service (IaaS) cloud computing services, where they are Coke and we’re still waiting for Pepsi to show up. With that ground staked out, AWS is now clearly intent on being a major IT brand, and that means embracing hybrid clouds and putting security front and center.

Is Public Cloud in Dell’s Cards Post EMC Acquisition?

With the tech world all abuzz about the blockbuster Dell buyout of EMC, here are a few thoughts on what the combination of Dell and EMC could mean from a cloud perspective.


Videos

Women working in the IT industry share their experiences – covering the opportunities they have had, the challenges they have had to overcome during their careers to date, and offering plenty of constructive thoughts and observations as to what improvements still need to be made when it comes to improving diversity within the workplace. Episode 28 Marion Stewart, Chief Operating Officer at Red Helix
Max Schulze, Founder of the Sustainable Digital Infrastructure Alliance, discusses the activities of the organisation as it works on many initiatives to promote environmental best practice across the data centre and wider IT sectors, optimistic that the scale of the challenge is not beyond the reach of a combination of technology and business innovation.
Pure Storage’s Wes Van Den Berg, Vice President and General Manager, UK & Ireland, discusses the findings of the company’s recent IT Sustainability Impact Survey. IT departments have a major role to play in helping organisations achieve their sustainability goals; and IT vendors have a similar responsibility to supply energy-efficient, sustainable solutions – Evergreen storage in Pure Storage’s case.
Spencer Pitts, Digital Workspace Chief Technologist, VMware, discusses the company’s research on the post-pandemic and hybrid workplace, before sharing some valuable insights as to how a digital-first approach that prioritises the digital employee experience can bring major benefits to any organisation, so long as the appropriate combination of company culture and technology solutions is embraced.

News

CP Automation teams up with Janitza to provide residual current monitoring.
The European Space Agency (ESA), an intergovernmental organisation shaping Europe’s space capability, is working with data management experts NetApp to help store the vast amount of data collected today and over the past 30 years of space exploration. The data stored comes from the ESA’s solar system missions and from the ESA’s fleet of cosmic observers.
BT Group’s Digital Unit and Amazon Web Services (AWS) have formed a new, wide-ranging strategic collaboration agreement, building on the existing partnership between the companies that already sees AWS play a key role in supporting the Group’s modernisation.
The partnership will enable CyberCX to equip its customers with unprecedented visibility over their encrypted network, ensuring they meet both internal and regulatory encryption standards.