I've been doing a lot of reading and video watching on securing industrial control and automation systems (ICAS) (sometimes referred to as SCADA systems) so this POI has a few links related to that and ends with a link to an editorial piece about privacy and why privacy matters to us all.
It's been a while since I've done a POI so here we go. The Mystery of Duqu 2.0: a sophisticated cyberespionage actor returns https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/ Kaspersky Lab found this new variant of the Duqu malware in their own network. They wrote a paper based on their analysis of this new malware. It fascinates me how sophisticated these software packages are and how much effort the threat actors put into them. Diffie-Hellman Key Exchange Diffie-Hellman (DH) is the world's first public key crypto system.
I was recently brushing up and refreshing my OSPF knowledge and I discovered some great resources that I wanted to document for my future use and also share with others. I found these resources great for explaining/detailing area types, packet types, and neighbor states. This first document hosted at packetlife.net is one of the best explanations of packet types I've ever seen due to the visual aids that the author, Jeremy Stretch, incorporated.
These are some articles/interviews that I came across this week that got me thinking about Apple's Bonjour in enterprise environments.
Here's a summary of interesting articles/posts that I've come across in the last couple of weeks.
I read two interesting articles on VTP (Cisco's VLAN Trunking Protocol) this week. The first is an older article from networkworld.com that reminds us all that VTP clients are also capable of updating VLANs on the network, not just servers. When I first heard that a VTP client can update a VTP server under the right conditions, I was frankly a non-believer. No way. I'd seen evidence to the contrary in several documents at cisco.