wireless – CCNA training CCIE training

500,000 Belkin WeMo users could be hacked; CERT issues advisory

Posted on February 19, 2014 by Lindsay Posted in Tech

IOActive researchers uncovered numerous vulnerabilities in all Belkin WeMo home automotation devices that put over half a million WeMo users at risk of being hacked, but when CERT tried to contact Belkin, Belkin chose not to respond at all.

When U.S. CERT comes knocking, it seems unwise for a company to stick its head in the sand and hide. But that’s reportedly what happened when the CERT division of the Carnegie Mellon Software Engineering Institute tried to contact Belkin about numerous vulnerabilities discovered in Belkin WeMo home automation devices.Belkin WeMo security holes threaten over half a million users

CERT was contacted by researchers from IOActive after they uncovered “multiple vulnerabilities in Belkin WeMo Home Automation devices that could affect over half a million users.” Since Belkin failed to issue a fix for any of the flaws, IOActive “recommends unplugging all devices from the affected WeMo products.”

If you’ve dropped any money into WeMo products, such as Belkin WeMo switch and motion, WeMo Light switch, Insight switch and WeMo switch, then you are probably not pleased or fond of the idea of unplugging your WeMo versions of home automation. With apps for both Android and iOS to make setup quick and easy, WeMo products are some of the most popular home automation devices on the market. However, according to the CERT advisory for WeMo, “A remote unauthenticated attacker may be able to sign malicious firmware, relay malicious connections, or access device system files to potentially gain complete access to the device.” Furthermore, “We are currently unaware of a practical solution to this problem.”

There are five separate vulnerabilities listed in CERT’s advisory, starting with “Belkin Wemo Home Automation firmware contains a hard-coded cryptographic key and password. An attacker may be able to extract the key and password to sign a malicious firmware update.”

IOActive researchers published a five-page report [pdf] detailing the WeMo flaws, but warned in simple terms that the WeMo vulnerabilities “expose users to several potentially costly threats, from home fires with possible tragic consequences down to the simple waste of electricity.”

Additionally, once an attacker has established a connection to a WeMo device within a victim’s network; the device can be used as a foothold to attack other devices such as laptops, mobile phones, and attached network file storage.

IOActive is far from the first to warn about WeMo’s hackability; in January 2013, researcher Daniel Buentello plugged a lamp into a WeMo switch and “made it blink like it was possessed, with the relay clicking on and off, faster and faster like it might blow up until it had a strobe effect.” In October 2013, a researcher highlighted security flaws in Belkin’s WeMo Switch, Wi-Fi NetCam and WeMo Baby that made eavesdropping easy.

Of course it’s not just WeMo; at the 2013 Black Hat Home Invasion v2.0 presentation, Trustwave researchers discussed poor security issues discovered when testing a Belkin WeMo Switch, Linksys Media Adapter, Radio Thermostat, and Sonos Bridge…as well as a $6,000 Satis smart toilet. In fact, hacking and attacking automated homes, targeting Zigbee and Z-wave wireless protocols, were hot topics in 2013 at Black Hat USA and Def Con. In August 2013, an attacker hacked a Foscam wireless IP camera to spy on and curse at a baby. TRENDnet IP cameras have been a Peeping Tom’s paradise since at least 2011.

The Internet of Things is expected to be “roughly equal to the number of smartphones, smart TVs, tablets, wearable computers, and PCs combined,” according to a forecast from BI Intelligence. There are currently about 1.9 billion IoT devices, but that’s predicted to reach 9 billion by 2018. Cisco predicts the IoT will grow to 50 billion devices by 2020. Have you ever stopped to wonder how many of those 9 – 50 billion IoT devices will be insecure and exploitable?

Belkin had better get its head out of the sand and patch these holes lickety-split because you know not everyone will hear about the flaws or bother to toss out their WeMo investment even if they do. If half of the people don’t, and WeMo is hacked or were to cause fires in all those, about a quarter of a million homes…now that would be an ugly lawsuit. Get busy, Belkin!

Best CCNA Training and CCNA Certification and more Cisco exams log in to Certkingdom.com

Cisco cites data-center, wireless for quarterly revenue increase

Posted on May 28, 2013 by Lindsay Posted in Cisco Leave a comment

Cisco cites data-center, wireless for quarterly revenue increase
Cisco says sales of servers and data-center switches are gaining with the company’s play for overall IT leadership

Data-center and wireless sales led growth at Cisco Systems in its fiscal third quarter, as it saw customers spending more in the U.S. and developing countries but reported continuing weakness in Southern Europe.

Cisco is aiming to become the leading overall IT player, breaking out of its role as primarily a network vendor. Sales of its UCS (Unified Computing System) servers and key data-center switches, which grew 77 percent, are being driven by Cisco’s overall architecture pitch, according to Chairman and CEO John Chambers. UCS and the Nexus data-center switch line now represent an annual US$5.5 billion business, he said.

Overall, Cisco’s revenue grew just 5 percent from last year’s third quarter, to $12.2 billion. Switching revenue as a whole fell 2 percent, and the company also brought in less money for its security products and Telepresence high-end videoconferencing platforms.

Profit in the quarter, which ended April 27, grew at a faster pace. Net income was $2.5 billion, or $0.46 per share, up from $2.2 billion, or $0.40 per share, a year earlier.

For the current quarter, Cisco expects revenue to grow between 4 percent and 7 percent.

While declaring itself a more strategic vendor than mere networking rivals, Cisco also restated its case on SDN (software-defined networking), which could threaten the company’s switch and router sales by separating network intelligence from underlying hardware. Cisco is promoting a variant of SDN centered on its Cisco ONE (Open Networking Environment), which it says is broader and more compatible with existing equipment. The company has more than 50 beta-test customers for Cisco ONE, Chambers said.

“I don’t think it’s going to be a software game. It’s going to be an architecture game,” Chambers said on a conference call with financial analysts following the report. Specialized silicon and hardware will play a role along with software, he said. “We have a number of challenges coming at us. In the end, it will be, in our opinion, an architectural play,” Chambers said.

Wireless was another strong area for Cisco in the quarter. Enterprise budgets are shifting from wired to wireless, Chambers said. The company’s overall wireless revenue grew 27 percent and sales of service-provider Wi-Fi more than doubled. Cisco is a major supplier of Wi-Fi networks that mobile operators are deploying to supplement their cellular infrastructure, and it is also incorporating cellular radios in that gear where needed.

Cisco saw strong sales growth with all types of customers in North America. Results improved in Central Europe and the U.K. but the company expects continued weakness in the coming quarters in Southern Europe due to that area’s weak economy. Sales in the Asia-Pacific region were essentially flat, though revenue grew 8 percent in China, Chambers said.

Best CCNA Training and CCNA Certification and more Cisco exams log in to examkingdom.com

Cisco to SDN: Bring It On

Posted on May 26, 2013 by Lindsay Posted in Cisco Leave a comment

After blowout Q3, company’s confidence unwavering in the face of the next disruption

Never one to back down from a challenge, Cisco CEO John Chambers expressed unbridled confidence in the company’s position as it faces down its next test: the advent of SDNs. Backed by a $180 billion installed base, dominant market shares in routing and switching, a bang-up third quarter that proved it is outmaneuvering rivals, and a track record of continued success over two decades of industry upheavals, Chambers told the SDN industry to bring it on.

“We feel very confident in our leadership position in this market,” he said to Wall Street analysts on a conference call this week to discuss how Cisco blew away expectations for its fiscal Q3. A transcript of the call can be found here on Seeking Alpha.com.

The formula is simple, he told them. In times of industry change – much like that presented by software-defined networking, which advocates separation of network control and services from network forwarding hardware – Cisco gets very close to its customers, the ones responsible for that $180 billion installed base. It emphasizes its experience with the legacy infrastructure – 70% to 80% it manufactured and sold to them – and articulates a holistic approach to IT transformation incorporating investment protection and incremental extension through software programmability and lots of hand-holding professional services, the same services that grew 7% over last year.

“Our leadership in the data center, wired and wireless networking and our architectural approach is enabling us to be the trusted partner for many customers as they optimize our business for a world of many clouds,” Chambers said during the conference call. “Our services business to continues to be a crucial component of our strategy to become the number one IT company. Together with our partners we are winning large multilayer service deals as our customers to ask us to partner with them to meet their business goals. We see near-term opportunities that leverage our solid $180 billion customer install base and longer-term opportunities around new consumption models and markets.”

And this is at a time where rivals such as Juniper, Aruba, Ruckus and others are offering much more sober outlooks. Cisco’s wireless business, for example,

was up 27% this quarter and its service provider Wi-Fi revenue doubled — Aruba warned that its Q3 will be light and Ruckus missed its Q1 targets.

In the data center, Cisco business grew 77% in Q3. UCS and Nexus together are on a $5.5 billion run rate with UCS benefitting specifically from integrated solutions sales, like the FlexPod reference architecture arrangement with NetApp and the Vblock pre-integrated and packaged infrastructure effort through the VCE joint venture with EMC.

Orders were even up 5% in the U.S. public sector market, a vertical that has been a laggard for Cisco and its peers for the past two-and-a-half years.

With execution like that, no wonder Chambers doesn’t flinch with the arrival of SDN and the profit-killing open source software and commodity hardware riding in on its coattails. He likened SDN to the Layer 3 switching “hype” of 20 years ago, a trend that many said threatened to kill Cisco’s router business and Cisco itself.

“Over the last 21 years, I’ve seen these challenges every few years,” Chambers said. “However, after the hype settled, it was clear that Cisco was the leader and we did it by listening to our customers and delivering products that help them transform their businesses.”

Cisco is intent on playing that same hand at the table with SDN. At the same time, it may be transforming itself.

Chambers told Cisco people listening in on the call not to get comfortable or complacent with Q3’s results.

“We’ve got to execute better, we’ve got to get better coordination across to our functional groups, and if we’re going to break away at the level we want, we got to get it up to another level as we go into Q4 and Q1,” he said.

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com