Monthly Archives: January 2016

Law Professor Says T-Mobile’s Video Service Likely Illegal


A new report by an influential Stanford law professor concluded that T-Mobile’s new video offering is likely “illegal” under net neutrality rules. Professor Barbara van Schewick submitted a 51-page report to the Federal Communications Commission that accused the carrier’s program, named Binge On, of violating the FCC’s general conduct rule that bars Internet service providers from unreasonably interfering with customers’ Internet choices.

The post Law Professor Says T-Mobile’s Video Service Likely Illegal appeared first on GigaLaw.


Man Gets Five Years Probation for Distributing Malware


An Arizona man who co-created software distributed by an organization called Blackshades that was used to hack into a million computers worldwide was sentenced to five years of probation. Michael Hogue, who online was known by the moniker “xVisceral,” was sentenced by U.S. District Judge Kevin Castel in Manhattan after pleading guilty in 2013 to distributing malware and conspiring to commit computer hacking.

The post Man Gets Five Years Probation for Distributing Malware appeared first on GigaLaw.


Facebook Institutes Ban on Private Sales of Guns


Facebook is banning private sales of guns on its flagship social network and its Instagram photo-sharing service, a move meant to clamp down on unlicensed gun transactions. Facebook already prohibits people from offering marijuana, pharmaceuticals and illegal drugs for sale, and the company said on Friday that it was updating its policy to include guns.

The post Facebook Institutes Ban on Private Sales of Guns appeared first on GigaLaw.


Watching the Watchers Watching Your Network

It seems that this last holiday season didn’t bring much cheer or goodwill to corporate security teams. With the public disclosure of remotely exploitable vulnerabilities and backdoors in the products of several well-known security vendors, many corporate security teams spent a great deal of time yanking cables, adding new firewall rules, and monitoring their networks with extra vigilance.

It’s not the first time that products from major security vendors have been found wanting.

It feels as though some vendor’s host-based security defenses fail on a monthly basis, while network defense appliances fail less frequently, maybe twice per year. At least that’s what a general perusal of press coverage may lead you to believe. However, the reality is quite different. Most security vendors fix and patch security weaknesses on a monthly basis. Generally, the issues are ones that they themselves have identified (through internal SDL processes or the use of third-party code reviews and assessment) or they are issues identified by customers. And, every so often, critical security flaws that need to be fixed quickly will be “dropped” on the vendor by an independent researcher or security company.

Two decades ago, the terms “bastion host”, “DMZ”, and “firewall” pretty much summed up the core concepts of network security, and it was a simpler time for most organizations, both for vendors and their customers. The threat spectrum was relatively narrow, the attacks largely manual, and an organization’s online presence consisted of mostly static material. Yet, even then, if you picked up a book on network security you were instructed in no short order that you needed to keep your networks separate: one for the Internet, one for your backend applications, one for your backups, and a separate one for managing your security technology.

Since that time, many organizations have either forgotten these basic principles or have intentionally opted for riskier (yet cheaper) architectures and are just hoping that their protection technologies are up to the task. Alas, as the events of December 2015 have shown us, every device added to a network introduces a new set of security challenges and weaknesses.

From a network security perspective, when looking at the architecture of critical defenses, there are four core principles:

  1. Devices capable of monitoring or manipulating network traffic should never have their management interfaces directly connected to the Internet. If these security devices need to be managed over the Internet it is critical that only encrypted protocols be used, multi-factor authentication be employed, and that approved in-bound management IP addresses be whitelisted at a minimum.
  2. The management and alerting interfaces of security appliances must be on a “management” network, separated from other corporate and public networks. It should not be possible for an attacker who may have compromised a security device to leverage the management network to move laterally onto other guest systems or to obtain a route to the Internet.
  3. Span ports and network taps that observe Internet and internal corporate traffic should by default only operate in “read-only” mode. A compromised security monitoring appliance should never be capable of modifying network traffic or communicating with the Internet from such an observation port.
  4. Monitor your security products and their management networks. Security products (especially networking appliances such as core routers, firewalls, and malware defenses) will always be a high-value target to both external and internal attackers. These core devices and their management networks must be continuously monitored for anomalies and audited.
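As an added illustration (not part of the original article), the sketch below applies principle 4 by running flow records from the security appliances through checks for principles 1 to 3. The addressing plan, interface names, finding labels and flow records are all constructed assumptions.

```python
import ipaddress

# Assumed addressing plan, constructed for this example.
CORP_NET = ipaddress.ip_network("10.0.0.0/8")          # all internal address space
MGMT_NET = ipaddress.ip_network("10.99.0.0/24")        # dedicated management network
ADMIN_SOURCES = ipaddress.ip_network("10.99.0.16/28")  # approved jump hosts
APPLIANCE_MGMT = {"10.99.0.5", "10.99.0.6"}            # appliance management IPs
ENCRYPTED_PORTS = {22, 443}                            # SSH and HTTPS only
TAP_IFACES = {"ids01:eth2"}                            # span/tap observation port

# Constructed flow records: (interface, direction, source, destination, dest port)
FLOWS = [
    ("fw01:mgmt",  "rx", "10.99.0.17",   "10.99.0.5",     443),  # approved admin, HTTPS
    ("fw01:mgmt",  "rx", "10.20.4.31",   "10.99.0.5",     23),   # workstation, telnet
    ("fw01:mgmt",  "tx", "10.99.0.5",    "203.0.113.9",   443),  # appliance calls out
    ("ids01:mgmt", "tx", "10.99.0.6",    "10.20.4.31",    445),  # appliance to workstation
    ("ids01:eth2", "rx", "192.168.10.7", "198.51.100.20", 80),   # normal mirrored traffic
    ("ids01:eth2", "tx", "192.168.10.7", "198.51.100.20", 80),   # tap port transmitting
]

def audit_flow(iface, direction, src, dst, dport):
    """Return the list of findings for a single flow record."""
    findings = []
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Principle 3: an observation port must never transmit.
    if iface in TAP_IFACES and direction == "tx":
        findings.append("tap-port-transmit")
    # Principle 2: the management network must not lead anywhere else.
    if src_ip in MGMT_NET and dst_ip not in MGMT_NET:
        findings.append("mgmt-lateral" if dst_ip in CORP_NET else "mgmt-to-internet")
    # Principle 1: management interfaces take only approved, encrypted access.
    if dst in APPLIANCE_MGMT:
        if src_ip not in ADMIN_SOURCES:
            findings.append("unapproved-mgmt-source")
        if dport not in ENCRYPTED_PORTS:
            findings.append("cleartext-mgmt-protocol")
    return findings

def audit(flows):
    """Principle 4: check every record and keep only those with findings."""
    return [(f, hits) for f in flows if (hits := audit_flow(*f))]

if __name__ == "__main__":
    for flow, hits in audit(FLOWS):
        print(flow, "->", ", ".join(hits))
```
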

In an age where state-sponsored reverse engineers, security research teams, and online protagonists are actively hunting for flaws and backdoors in the widely deployed products of major security vendors as a means of gaining privileged and secret access to their target’s networks, it is beyond prudent to revisit the core tenets of secure network architecture.

Corporate security teams and network architects should assume not only that new vulnerabilities and backdoors will be disclosed throughout the year, but that those holes may have been accessible and exploited for several months beforehand. As such, they should adopt a robust defense-in-depth strategy including “watchers watching watchers.”

Written by Gunter Ollmann, Chief Security Officer at Vectra


Posted in circleid

Marketplace Weekend for Friday, January 29, 2016

This weekend, guest host Molly Wood looks at the unique alcohol monopoly in Maryland, musician and rapper Anderson .Paak takes our economics-inspired questionnaire, and Marketplace Weekend host Lizzie O’Leary reports on the ground from Flint, Michigan.

Posted in marketplace