Tag Archive for: .NET

Week in review: Strengthening firmware security, Help Net Security: XDR Report released


Here’s an overview of some of last week’s most interesting news, articles and interviews:

Help Net Security: XDR Report has been released
The topic of this inaugural report is extended detection and response (XDR), an emerging technology that has been receiving a lot of buzz in the last few years.

Apache OpenOffice users should upgrade to newest security release!
The Apache Software Foundation (ASF) has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed RCE vulnerability that could be triggered via a specially crafted document.

Apple fixes iOS zero-day exploited in the wild (CVE-2021-30883)
With the newest iOS and iPad updates, Apple has fixed another vulnerability (CVE-2021-30883) that is being actively exploited by attackers.

Microsoft patches actively exploited Windows zero-day (CVE-2021-40449)
On October 2021 Patch Tuesday, Microsoft has fixed 71 CVE-numbered vulnerabilities. Of those, only one was a zero-day exploited in attacks in the wild (CVE-2021-40449) and three were publicly known before the release of the patches.

How do I select a SASE solution for my business?
To select a suitable SASE solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

REvil/Sodinokibi accounting for 73% of ransomware detections in Q2 2021
McAfee released a report which examines cybercriminal activity related to ransomware and cloud threats in the second quarter of 2021.

Strengthening firmware security with hardware RoT
Hackers are growing smarter and more sophisticated in their attempts to avoid detection. With IT security and visibility efforts still largely focused higher in the stack at the application layer, bad actors are seeking to breach systems further down the stack at the firmware level.

Remote work exposing SMEs to increased cybersecurity risk
Remote working is leading to increased cybersecurity risks for SMEs, a research from ServerChoice shows. The research, conducted with 1,000 business leaders at SMEs, found that changes in working patterns are resulting in infrastructure being left…

Source…

NET Stock: Cloudflare Solves the Internet’s Need for Speed and Security


Cloudflare (NYSE:NET) investors had to ride a roller coaster for the first five months of 2021. However, since mid-May, NET stock has been in growth mode, posting gains of over 50% from its low point. On July 9, it closed at $108.97, a new all-time high, though it has since eased back. Still within spitting distance of that record close, will NET stock run out of momentum, or does it still have room for growth?

Close up of Cloudflare logo at the Company's headquarters

Source: Sundry Photography / Shutterstock.com

I would argue that Cloudflare is a company with the right product mix at the right time to continue fueling long-term growth. Online shopping is only continuing to grow in popularity. Other services are moving online, including the transition from cable TV to streaming video services.

Cloudflare provides the critical services that keep online services fast, and keep them safe. It’s even a big part of exploding IoT (Internet of Things) growth. This Portfolio Grader “B” rated stock is up nearly 500% from its September 2019 public debut. Given the business Cloudflare is in, the stock growth may just be getting started.

The Importance of Website Speed

One of CloudFlare’s primary lines of business is being a CDN, or content delivery network. That may not sound exciting, but it is an increasingly important service — and one that was in the spotlight during the pandemic.

Cloudflare uses local servers to host critical website services so that users enjoy the speed they expect. Even if a user is logging in on a PC across the country from a company’s main data center, they hit a Cloudflare regional server first so there is no lag and no overload. That ensures online shopping, video conferencing, and other web-based activities offer a positive experience for all users, regardless of their location.

Now, more than ever, slow-loading websites are simply not acceptable. As Forbes’ Jason Hall wrote in 2019:

If a page loads slowly, many people will give up and go somewhere else. That can mean a loss of traffic to your site and a loss of dollars in your pocket. Your conversion rates may suffer, and your bounce rates — the number of people who leave your site after only visiting one page — may increase.

In…

Source…

Gov. Walz Combats False Reports That He Spent Thanksgiving Weekend In Florida, Has $400M Net Worth – WCCO


MINNEAPOLIS (WCCO) — After a long weekend in which Gov. Tim Walz begged Minnesotans not to travel, some may have been surprised by some online reports.

Social media was filled with news that while protestors demonstrated against restrictions this weekend at his residence, Walz was vacationing in Florida.

Another widely-shared story is that Walz, who talks often of his and his wife’s careers as public school teachers, is suddenly a wealthy man, worth $400 million.

Walz says both the trip and his alleged wealth are definitely not true.

“I have not left the state since March, since [the pandemic] happened,” Walz said. “The thing I most worry about though is if you are willing to believe those types of things without any proof, you’re probably not going to listen to me when I tell you to wear a mask.”

The governor’s staff at first brushed off the comments, but then the volume increased, and the public began calling the governor’s office to complain about the imaginary Florida trip.

Mark Lanterman, a former cyber security investigator for the United States Secret Service, now runs the cybersecurity firm Computer Forensics Services.

“We need to remember that just because it’s on the internet doesn’t mean it’s true,” Lanterman said.

He says it’s important to remember websites, like the one that’s disseminating false information about Walz’s net worth, may also be making money.

“Many organizations with web pages get paid based on the number of clicks that are driven to their webpage, whether that’s a quarter cent or half a cent, it all depends,” Lanterman said.

The governor and Minnesota Department of Health Commissioner Jan Malcolm say this latest spread of fake news, like the virus, is weaving its way into people lives, creating an alternate reality that can also be deadly.

“It’s deeper than that because it goes to undermining the policies,” Walz said.

“People saying, ‘Well don’t bother to get tested because the state is cooking the numbers,’” Malcolm said. “That’s horribly dangerous.”

The governor’s office says they do not know where, or who, originated the reports. Lanterman says the origin of internet fake news stories…

Source…

No, BitTorrent’s Plan for Cryptocurrency-Fueled Speed Boosts Doesn’t Violate ‘Net Neutrality’

For a subject we’ve been collectively discussing ad nauseum for the better part of two decades, it’s kind of astounding how many people still don’t really understand how net neutrality works.

Case in point: last week, BitTorrent (or what’s left of it under new owner TRON) announced yet another business model revision, stating it would be integrating cryptocurrency into their BitTorrent platform. One of the goals of this “Project Atlas” is to develop a system that would financially-reward folks who seed files. TRON put the project plan this way:

“The new token, also called BitTorrent (BTT), will be issued by BitTorrent Foundation, established in Singapore and will enable users to exchange tokens to improve network speed. By providing users with the ability to use BTT tokens for faster downloads, the company aims to accelerate the overall speed of torrents. “BitTorrent token is the first in a series of steps to support a decentralized internet,” said Justin Sun, founder of TRON and CEO of BitTorrent. “In one giant leap, the BitTorrent client can introduce blockchain to hundreds of millions of users around the world and empower a new generation of content creators with the tools to distribute their content directly to others on the web.”

Whether the blockchain can magically somehow make BitTorrent a sustainable business (a decade long quest at this point) is a subject for another day. More interesting to me was some of the reaction to TRON’s announcement, including this piece over at TorrentFreak attempting to paint BitTorrent as a hypocrite for advocating for net neutrality, then itself embracing “fast lanes” on the internet:

“While details are scarce, it’s clear that with the BTT token users will be able to pay to speed up their downloads. It’s not clear how this will work, but it’s likely that a paying downloader will get priority over others. That sounds a bit like a “fast lane” and paid “prioritization,” albeit on a different scale. Large companies are not paying for faster access in this case, but ‘wealthy’ BitTorrent users are.

TorrentFreak asked both TRON and BitTorrent about their thoughts on this Net Neutrality argument and if it presents a problem. The TRON team said that it couldn’t comment on the matter, while BitTorrent didn’t respond at all.

The difference here is that users can choose to use another BitTorrent client if they’re not happy with what BitTorrent is doing. That’s not the case for broadband, where the lion’s share of Americans only have access to one ISP at speeds of 25 Mbps or greater. Net neutrality violations are just a symptom of this limited competition, which lets giant telecom operators like AT&T or Comcast abuse their roles as natural monopolies. Net neutrality rules were simply a telecom-specific stopgap measure until somebody, anybody, is willing to actually challenge these companies politically and embrace real, pro-competitive policies.

Somehow, people take this telecom-specific paradigm and weirdly try to casually apply it to other sectors, as TorrentFreak does here. You’ll often see the same mistake made when folks like Mark Cuban call for “search neutrality” or “app neutrality.” Again, you can generally choose to not use a social media website or app store if you’re not happy with the business decisions they’re making. You can’t do that in telecom. That’s why net neutrality is a concept specific only to broadband and the lack of competition there that’s plagued consumers for the better part of two decades. In broadband, users often have no other choice.

That’s not to say there aren’t valid criticisms for what TRON is doing here. But again, you can’t call this a net neutrality violation because the term applies specifically to core telecom networks, not software platforms where users have the option of numerous other clients. The monopoly-dominated dance of dysfunction in telecom is a very unique animal, resulting in the creation of a very unique term in “net neutrality.” It can’t just be thrown about casually every time you see someone engaging in dubious behavior. That’s not how any of this works.

Permalink | Comments | Email This Story

Techdirt.