ARM And Nokia Want To Update The TCP/IP Stack
Nokia and ARM want to spruce up the TCP/IP stack to make it better suited to networks that need to operate at high speed and/or low latency.
Legacy TCP/IP is seen as one of the slowing points for a lot of future IT – particularly 5G. LTE was IP-based, but it was hell on toast getting it to go, and as networks get faster and more virtualised, the TCP/IP stack is failing to keep up.
At the moment Nokia and ARM are using 5G to drive other companies into looking at a fully revamped TCP/IP stack, optimized for the massively varied use cases of the next mobile generation, for cloud services, and for virtualization and software-defined networking (SDN).
The effort, dubbed the OpenFastPath (OFP) Foundation, was founded by Nokia Networks, ARM and industrial IT services player Enea. The cunning plan is to create an open source TCP/IP stack which can accelerate the move towards SDN in carrier and enterprise networks.
AMD, Cavium, Freescale, HPE and the ARM-associated open source initiative Linaro are all on board with it.
The cunning plan is to create open but secure network applications, which harness IP packet processing. Some want very high throughput, others want ultra-low latency, and others want both, so it is probably going to require a flexible standard to make it all go.
The standard would support faster packet forwarding, via low IP latency combined with high capacity, and so reduce deployment and management costs by making networks more efficient.
This appears to be based around getting TCP/IP out of the kernel. Packet processing in the kernel involves a number of operations (moving packets into memory, then to the kernel, then back out to the interface) which could be streamlined to reduce latency.
Courtesy-Fud
Heartbleed Hits Oracle
Oracle issued a comprehensive list of its software that may or may not be impacted by the OpenSSL (secure sockets layer) vulnerability known as Heartbleed, while warning that no fixes are yet available for some likely affected products.
The list includes well over 100 products that appear to be in the clear, either because they never used the version of OpenSSL reported to be vulnerable to Heartbleed, or because they don’t use OpenSSL at all.
However, Oracle is still investigating whether another roughly 20 products, including MySQL Connector/C++, Oracle SOA Suite and Nimbula Director, are vulnerable.
Oracle determined that seven products are vulnerable and is offering fixes. These include Communications Operation Monitor, MySQL Enterprise Monitor, MySQL Enterprise Server 5.6, Oracle Communications Session Monitor, Oracle Linux 6, Oracle Mobile Security Suite and some Solaris 11.2 implementations.
Another 14 products are likely to be vulnerable, but Oracle doesn’t have fixes for them yet, according to the post. These include BlueKai, Java ME and MySQL Workbench.
Users of Oracle’s growing family of cloud services may also be able to breathe easy. “It appears that both externally and internally (private) accessible applications hosted in Oracle Cloud Data Centers are currently not at risk from this vulnerability,” although Oracle continues to investigate, according to the post.
Heartbleed, which was revealed by researchers last week, can allow attackers who exploit it to steal information on systems thought to be protected by OpenSSL encryption. A fix for the vulnerable version of OpenSSL has been released and vendors and IT organizations are scrambling to patch their products and systems.
Observers consider Heartbleed one of the most serious Internet security vulnerabilities in recent times.
Meanwhile, this week Oracle also shipped 104 patches as part of its regular quarterly release.
The patch batch includes security fixes for Oracle database 11g and 12c, Fusion Middleware 11g and 12c, Fusion Applications, WebLogic Server and dozens of other products. Some 37 patches target Java SE alone.
A detailed rundown of the vulnerabilities’ relative severity has been posted to an official Oracle blog.
Is Twitter Home To Malware?
May 1, 2013 by admin
Security outfit Trusteer has recently identified an active configuration of TorRAT targeting Twitter users. The malware launches a Man-in-the-Browser (MitB) attack through the browser of infected PCs, gaining access to the victim’s Twitter account to create malicious tweets.
Dana Tamir, Enterprise Security Director for Trusteer, said the malware, which has been used as financial malware to gain access to user credentials and target their financial transactions, now has a new goal: to spread malware using the online social networking service. At this time the attack is targeting the Dutch market. But since Twitter is used by millions of users around the world, this type of attack can be used to target any market and any industry.
The attack is carried out by injecting JavaScript code into the victim’s Twitter account page. The malware collects the user’s authentication token, which enables it to make authorized calls to Twitter’s APIs, and then posts new, malicious tweets on behalf of the victim.
Tamir said that the attack is particularly difficult to defend against because it uses a new sophisticated approach to spear-phishing. Twitter users follow accounts that they trust. Because the malware creates malicious tweets and sends them through a compromised account of a trusted person or organization being followed, the tweets seem to be genuine. The fact that the tweets include shortened URLs is not concerning: Twitter limits the number of characters in a message, so followers expect to get interesting news bits in the form of a short text message followed by a shortened URL. However, a shortened URL can be used to disguise the underlying URL address, so that followers have no way of knowing if the link is suspicious.
Botnets Attack U.S. Banks
January 18, 2013 by admin
Evidence collected from a website that was recently used to flood U.S. banks with junk traffic suggests that the responsible parties behind the ongoing DDoS attack campaign against U.S. financial institutions — thought by some to be the work of Iran — are using botnets for hire.
The compromised website contained a PHP-based backdoor script that was regularly instructed to send numerous HTTP and UDP (User Datagram Protocol) requests to the websites of several U.S. banks, including PNC Bank, HSBC and Fifth Third Bank, Ronen Atias, a security analyst at Web security services provider Incapsula, said Tuesday in a blog post.
Atias described the compromised site as a “small and seemingly harmless general interest UK website” that recently signed up for Incapsula’s services.
An analysis of the site and the server logs revealed that attackers were instructing the rogue script to send junk traffic to U.S. banking sites for limited periods of time varying between seven minutes and one hour. The commands were being renewed as soon as the banking sites showed signs of recovery, Atias said.
During breaks from attacking financial websites the backdoor script was being instructed to attack unrelated commercial and e-commerce sites. “This all led us to believe that we were monitoring the activities of a Botnet for hire,” Atias said.
“The use of a Web Site as a Botnet zombie for hire did not surprise us,” the security analyst wrote. “After all, this is just a part of a growing trend we’re seeing in our DDoS prevention work.”
Goo.gl Link Spreading Malware via Twitter
February 21, 2011 by admin
As if we don’t have enough to worry about when it comes to potential attacks of all kinds. First there were reports about the social media site Facebook and its highly infected news feeds; now there appears to be yet another mischief-seeking internet fiend sending out infected Goo.gl links via Twitter. Users are being warned not to click these suspicious links as they might direct you to malicious sites.