One of the great strengths of VNS3 has always been the ease with which you can look at your network traffic, a necessity for troubleshooting connectivity issues or attesting to correct packet flow. With our release of VNS3 5.0 we have added some big functional improvements that make our network sniffer even better.
News Roundup: Week of Jun 03, 2019
AWS Community Day | Midwest is Coming to Chicago!
Cohesive Networks is excited to be participating in AWS Community Day | Midwest in Chicago this month! The event will feature a keynote on Community & Cloud by Calvin Hendryx-Parker, as well as ‘Lightning Talks’ concerning “Building an HA enterprise search engine on ECS” (Jack Schlederer), “Cloud HSM: Frustration as a Service” (Paul Kuliniewicz), “Running Containers in AWS – Learn about ECS, EKS and Fargate” (Andrew May), and more! If you’re in the Midwest, we’d love to see you at the event! Click here to register.
Report on Insecure Enterprise IoT Networks
Zscaler released a report on the security of IoT networks, finding a shocking 91.5% of traffic to be unencrypted. This of course leaves these networks vulnerable to network sniffing and man-in-the-middle attacks. IoT adoption and connected device ubiquity are accelerating, in some cases at the expense of following security best practices. Regulation for IoT is looming, with some legislation already proposed. Zscaler recommends the following in securing your IoT networks:
- Change the default credentials for your connected devices
- Build network isolation into your IoT networks to prevent lateral traffic between devices, using firewalls to lock down inbound and outbound traffic
- Restrict access to IoT devices from external networks and lock down unnecessary ports
- Apply regular security and firmware updates to your devices and secure your network traffic
- Deploy a solution to your IoT network for visibility into all IoT devices on the network
Google Network Outage: Jun 02, 19
This past Sunday Google’s Network experienced “a disruption” that “caused slow performance and elevated error rates on several Google services, including Google Cloud Platform, YouTube, Gmail, Google Drive and others.” As Google put it, the issue was caused by “a configuration change” that was “incorrectly applied” at a larger scale than intended, limiting various regions’ use of their potential network capacity. The foundation of Google’s resiliency is and has been their ability to learn from these events and successfully automate the prevention of similar events from occurring down the road.
- Build network and permission segmentation into your infrastructure and configuration deployments. Deployments should have temporary access to only the environment resources they need.
- Monitor expected resource allocations. This level of visibility reduces response time.
- For enterprises that require high resiliency, failover built with a multi-cloud approach might be required to prevent any downtime.
LabCorp Discloses Further Information on AMCA Breach
In a continuation of the Quest Diagnostics Breach narrative, LabCorp filed this week with the U.S. Securities and Exchange Commission claiming that “personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm” – KrebsonSecurity. This is likely the first of many disclosures by companies similarly impacted by the breach, raising questions about whether or not PCI-DSS regulations were followed or HIPAA laws were broken. The seriousness of the breach is compounded by how long the breach persisted and the fact that it was only discovered by a third-party compliance firm (Gemini Advisory) and not the AMCA. The AMCA has provided very little info thus far as to where the systems in question are run, whether they’re cloud systems, ‘on-prem’ PaaS, or otherwise.
PSA: Patch Your CISCO Devices
If your company is running on a CISCO device, be sure to verify it has received all security patches. Multiple high impact bugs were reported by CISCO in the last month and security researchers have already released proof-of-concept exploits, leaving enterprises vulnerable. As always, continue to monitor CISCO’s security advisories and alerts and, if possible, automate your security patch updates.