Software – CCNA training CCIE training

Cisco switch software vulnerable

Posted on December 26, 2015 by Lindsay Posted in Tech Leave a comment

IOS XE 16.1.1 for Catalyst 3850, 3650 could allow attackers to reload devices

Cisco this week issued a security advisory on a vulnerability in its IOS XE software. IOS XE Release 16.1.1 could allow an attacker to cause an affected device to reload.

9 ways Windows 10 just got better

We rank the new features and tweaks to Windows 10 that were included in last week’s update.
Read Now

The vulnerability is due to incorrect processing of packets that have a source MAC address of 0000:0000:0000, the advisory states. An attacker could exploit it by sending a frame that has a source MAC address of all zeros to an affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate it, the company says.

The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerability, the advisory states.

Earlier this week, Cisco said it was reviewing its products to ensure no backdoor corruptions, or “malicious modifications” exist after Juniper announced that its ScreenOS firewall operating system has been vulnerable for years.

Click here to view complete Q&A of 210-451 exam

Best Cisco 210-451 Certification, Cisco 210-451 Training at certkingdom.com

Software Defined Networking: Trend or technology movement?

Posted on September 27, 2015 by Lindsay Posted in Tech Leave a comment

Cisco Systems Inc (CSCO.O) said Thursday it would form a joint-venture with Chinese server maker Inspur to sell networking and cloud computing products in China, where the Silicon Valley firm faces political pressure and declining sales.

Cisco and Inspur said they would invest $100 million in the project, although they offered few other details.

The partnership is one of a growing number of tie-ups between Chinese and U.S. technology firms announced during or ahead of Chinese President Xi Jinping’s visit to the United States this week.

Microsoft Corp (MSFT.O) said on Thursday it would partner with Baidu Inc (BIDU.O) and Chinese state-owned private investment firm Tsinghua Unigroup on cloud technology, while Dell Inc announced last week it would invest $125 billion over five years in China.

Earlier this year, IBM (IBM.N) pledged to help develop China’s advanced chip industry with a “Made with China” strategy, while chipmakers Intel Corp (INTC.O) and Qualcomm Inc (QCOM.O) are developing chips with smaller Chinese companies.

Similar to its dealings with the foreign auto industry in decades past, Chinese officials have made clear to foreign technology firms that market access depends on their sharing technology and cooperating with Chinese industry.

Like many of its peers, Cisco’s market share has retreated in recent quarters in China, where its products have been labeled a cybersecurity threat by state media and government-affiliated experts.

U.S. business lobbies have said the Chinese allegations amount to protectionism, while China has pointed to the experience of Cisco’s Shenzhen-based rival Huawei Technologies Co Ltd [HWT.UL], which faced similar accusations from Capitol Hill when it sought to enter the United States.

Best Cisco CCNP Training, Cisco 400-101 Training at certkingdom.com

Target confirms customer PINs were taken in breach, maintains data is safe

Posted on December 28, 2013 by Lindsay Posted in Tech

But the PINs were encrypted and therefore should be inaccessible to hackers, according to the retailer

Target has confirmed that hackers obtained customer debit card PINs (personal identification numbers) in the massive data breach suffered by the retailer during the busy holiday shopping season, but says customers should be safe, as the numbers were encrypted.

Some 40 million customer debit and credit cards were affected by the breach, but until now it wasn’t clear that PINs were part of the hackers’ massive haul.

“While we previously shared that encrypted data was obtained, this morning through additional forensics work we were able to confirm that strongly encrypted PIN data was removed,” Target said in a statement on its website Friday. “We remain confident that PIN numbers are safe and secure. The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems.”

When Target customers use their debit cards, the PIN is secured with Triple DES encryption at the checkout keypads, according to the statement. “Target does not have access to nor does it store the encryption key within our system,” it adds. “The PIN information is encrypted within Targets systems and can only be decrypted when it is received by our external, independent payment processor. What this means is that the ‘key’ necessary to decrypt that data has never existed within Targets system and could not have been taken during this incident.”

The company didn’t reveal how many PINs were taken, or whether it even knows the total at this point in its probe.

Target is still in the early stages of its investigation into the breach, according to Friday’s statement. The company previously said it was working alongside the U.S. Secret Service and Department of Justice on the investigation.

U.S. lawmakers have called for an immediate investigation into Target’s security practices. The retailer has said customers will not be forced to pay for any fraudulent charges on their card, and are also eligible to receive credit monitoring at no charge.

Best CCNA Training and CCNA Certification and more Cisco exams log in to examkingdom.com