10-10-2015, 20:06 #1
[EN] Brazilian Internet users suffer SoftLayer's security fail
SoftLayer, perhaps in an attempt to extend their business in the rapidly-growing Brazilian market, deliberately relaxed their customer vetting procedures. Cybercriminals from Brazil took advantage of SoftLayer's extensive resources and lax vetting procedures.
In the summer of 2015, the number of SBL listings involving SoftLayer Technologies (an IBM company) increased rapidly, bringing Softlayer to the #1 spot on the Spamhaus Top 10 list of most problematic ISPs. This attracted a great deal of attention, because Softlayer has traditionally been a responsible ISP, and has made a number of contributions to the security and anti-spam industries. As one would expect, this situation prompted questions. What was happening? Had Softlayer, after years of being a responsible, whitehat ISP, suddenly turned rogue?
The answer to the second question, no, they hadn't. Unfortunately, what happened to Softlayer can easily happen to any ISP that makes certain unwise choices. We wrote this article to explain how an ISP with Softlayer's technical resources and excellent track record came to have such severe problems with a specific spam and malware operation, and to warn other ISPs so that they don't fall victim to this, or another, spam gang using the same tactics.
In the last few months, a massive number of IP addresses on SoftLayer’s network sent spam that tricked recipients into downloading and installing malware. While the spam itself explicitly targeted Brazilian users, it was sent to large numbers of harvested email addresses belonging to users around the world. When Spamhaus researchers looked at the sources of these spams, the IP address ranges always seemed to be assigned to fake but plausible Brazilian companies or organizations whose names changed every day, sometimes several times a day. The SBL team started to create listings for these IP address ranges, and SoftLayer responded to them as always. However, this Brazilian malware gang was so active that many SBL-listed IP address ranges were being reassigned to the same spam gang immediately after re-entering the pool of available IP addresses. After observing the same IP address ranges being reassigned repeatedly to the same spammers, Spamhaus contacted the SoftLayer abuse department and told them that SBLs for these specific issues would not be removed until SoftLayer was able to get control of the overall problem with these spammers.
Because the Brazilian malware operation that caused this situation is so large, the SBL count for Softlayer IP address ranges rapidly reached rarely previously seen numbers (>600).
What allowed the issue to get this big?
Spamhaus can only guess the answer to this question. We believe that SoftLayer, perhaps in an attempt to extend their business in the rapidly-growing Brazilian market, deliberately relaxed their customer vetting procedures. Cybercriminals from Brazil took advantage of SoftLayer's extensive resources and lax vetting procedures. In particular, the malware operation exploited loopholes in Softlayer's automated provisioning procedures to obtain an impressive number of IP address ranges, which they then used to send spam and host malware sites. IBM acquired SoftLayer in June 2013, obviously leading to ongoing organizational changes. These changes might continue to affect SoftLayer's abuse and security operations.
Is this solved now?
Not really. Softlayer has slowly reduced the extent of its problem with this malware operation, but the problem is still far from solved. SoftLayer has taken months to change its procedures and bring this issue under control. With big companies, that is not exactly unexpected, but Spamhaus is certainly not satisfied with the glacial pace to a solution. This situation also damages the reputation Softlayer (and its parent company IBM) who have for years been trying to craft a public image as to what a good, safe and security conscious corporation they supposedly are. This summer, Brazilians infected with malware and other spammed internet users would beg to differ.
Última edição por 5ms; 10-10-2015 às 20:14.
10-10-2015, 21:41 #2
10-10-2015, 21:53 #3
- Data de Ingresso
- Jul 2012
A quantidade de SPAM oriundo da Softlayer cresceu de tal forma durante a metade do ano que, ao final das contas, bloqueei mensagens com o RDNS padrão da Softlayer.
10-10-2015, 22:05 #4
- Data de Ingresso
- Jul 2012
E como meu servidor de e-mail fica na Softlayer também, de onde a quantidade de envio é baixíssima, há cerca de um mês meu IP, possivelmente por problemas de vizinhança, foi bloqueado pelos serviços da Microsoft como Outlook, Live e Hotmail.
Felizmente a Microssoft é ágil para reverter, coisa de poucas horas após enviar o formulário. Mas passamos 48 horas fazendo o relay por um servidor secundário.
11-10-2015, 12:25 #5
- Data de Ingresso
- Nov 2010
- SJRP - SP
comecei a receber e-mail da rede deles com conteúdo altamente perigoso!
mandei um abuse para eles Softlayer Security (abuse@softlayer).
pediram para provar!. bem provei!
enviei dezenas de provas, conforme ia aparecendo.
até agora nenhum resposta!
A quantidade de ocorrência diminuiu, mas ainda ocorrem.
13-10-2015, 10:22 #6
A IBM fará do limão uma limonada ou é o inicio do fim da "SoftLayer, an IBM Company"?
BTW Former SoftLayer chief Lance Crosby surfaces at stealthy security startup (StackPath)
Última edição por 5ms; 13-10-2015 às 10:24.
13-10-2015, 10:47 #7
IBM opens another cloud data centre in IndiaBig Blue has opened a cloud data centre in Chennai, India, as part of its plan to have cloud in every major financial market. Mumbai is the financial capital of India and IBM already has a data centre there.
The company said the move is part of $1.2 billion it’s spending on IBM Cloud worldwide.
And, as part of its commitment to the Indian startup market, IBM has struck a partnership with NASSCOM (the National Association of Software and Services Companies) and has created Techstartup.in – a place, where it says angels, mentors, investors, academics and venture capitalists will cooperate to create a bigger cloud market.
IBM has also introduced two developer initiatives – developerWorks Premium and a cloud certification programme. It is cooperating with Accenture, Tech Mahindra and CSC to encourage Indian developers to extend IBM Cloud tech, such as IBM Bluemix.
Robert LeBlanc, a senior VP of IBM Cloud, said that the Indian cloud market is set to grow exponentially.
He said that it will work with NASSCOM’s 10,000 Startups programme to give local developers and engineers the skills they need to help grow the market.
The Chennai data centre will offer Softlayer infrastructure services.India has 2.75 million developers, making it the world the second largest developer population and it will outstrip the USA by 90 percent, according to research firm Evans Data Corp.
Primeiro número 2
Última edição por 5ms; 13-10-2015 às 11:00.
13-10-2015, 11:12 #8
PR: IBM Expands Cloud Footprint in India
Softlayer no texto? 1. IBM? 35.
BANGALORE, India, Oct. 13, 2015 /PRNewswire/ -- IBM opens its first public cloud data center in India. Located in Chennai, the new IBM Cloud data center offers local customers and end users increased performance and speed for data traveling to and from the region. Part of IBM's $1.2 billion investment to expand its global cloud footprint into every major financial market, the Chennai data center underscores IBM's commitment to India, a key growth market for the company.
With a local onramp to IBM Cloud, Indian customers, especially those in regulated industries, gain more flexibility to store and compute data within the country. The Chennai data center joins IBM's Mumbai cloud center and is part of an expansive network of data centers that blanket the globe, providing users with the performance and disaster recovery solutions needed to ensure business continuity.
In an effort to accelerate digital transformation both at the enterprise and startup level, IBM is establishing a partnership with National Association of Software and Services Companies (NASSCOM) to launch Techstartup.in, a digital hub wherein the entire Indian startup ecosystem, including angels, mentors, investors, academia and venture capitalists, can interact with each other to grow the cloud market.
In addition, IBM is launching two initiatives for developers—developerWorks Premium and a cloud certification program—to enable developers with the right tools and skills to compete and innovate in the global marketplace. Also in support of developers, IBM is working with strategic enterprise IT leaders like Accenture, Tech Mahindra and CSC to extend the use of IBM Cloud technologies, including IBM Bluemix, to developer communities in India and around the world.
"India's cloud market is poised for exponential growth, which makes it essential for Indian businesses to have local access to the resources and skills they need to help guarantee success," said Robert LeBlanc, senior vice president of IBM Cloud. "With the opening of the IBM Cloud data center in Chennai and our collaboration with NASSCOM, IBM is not only delivering greater access to a globally integrated cloud data center that offers the performance and speed needed, but it is also creating the foundation for future growth by working with NASSCOM 10,000 Startups program to equip local developers with the skills they need to grow the market."
A Local Onramp to Global Cloud Services
The Chennai data center will support India's growing customer demand for in-country cloud solutions with faster network speeds, improving both performance and reach and offers the full range of SoftLayer infrastructure services from IBM.
N. Ravishanker, CIO of leading Indian broadcast satellite television provider Tata Sky Ltd., said, "Tata Sky's transition to IBM Cloud infrastructure has helped our business become more agile and reduce latency seen in day-to-day processes. Having a local data center that is equipped to meet specific requests for our business along with IBM Cloud's ability to handle disaster recovery gives us immense confidence in the safety and security of our data."
Growing the Cloud Ecosystem in India
Developers and startups are an integral part of India's diverse ecosystem and key to the Digital India initiative. A study by Evans Data Corp suggests that, with 2.75 million developers, India currently has the second-largest developer population. And by 2018, that number will grow by nearly 90 percent to 5.2 million, surpassing the United States with the most developers.
This growth will only increase as thousands of startups are expected to establish themselves in India, generating employment opportunities for hundreds of thousands of people. This will not only pave the way for innovative services, but will also act as a major booster for the development and the progress of the Indian economy.
Given this, IBM is partnering with NASSCOM to create Techstartup.in, a hub for the entire Indian ecosystem to network, stimulate local innovation and grow the economy. Techstartup.in will provide 10,000 startups with a level playing field in India to develop new ideas and technologies.
"Techstartup.in will be a comprehensive online platform connecting and supporting India's expanding tech-entrepreneurship ecosystem. Building it together in support with IBM, it will be an embodiment of a shared commitment to increase jobs, train the workforce of the future, support new business, and ultimately ensure India is at the center of technology innovation," said Rajat Tandon, Vice President of 10,000 Startups, a NASSCOM initiative.
In addition, IBM is introducing developerWorks Premium to give developers in India and around the world the access they need to successfully prototype and deliver new cloud projects. It will serve as IBM's premier developer program, providing access to tools, cloud credits, training, education, certifications, community support, exclusive content and special discounts to leading developer events.
IBM is also introducing a developer cloud certification program, allowing developers to showcase their understanding of the industry's best practices in cloud application design on IBM Bluemix, IBM's platform as a service. This program establishes an ecosystem of developers on IBM Cloud with documented skill levels and combines existing IBM solution advisor and infrastructure architecture certifications to create a strong professional certification program across IBM Cloud technologies.
Partnering with Industry Leaders
Also in a move to support the developer community, IBM is working with strategic enterprise IT leaders to extend the use of Bluemix to developers in India and around the world.
Accenture will announce it is expanding the Accenture Innovation Center for IBM Technologies in Bangalore to help clients take advantage of rapid application development with Bluemix.
IBM Bluemix is already being used by thousands of developers at CSC, Sogeti and Tech Mahindra. These engagements are indicative of a broader trend in the industry in which enterprises are increasingly moving to hybrid deployment models to capture the flexibility, scalability and cost benefits of the cloud while they extract value from on-premises data.
About IBM Cloud Computing
For more information about IBM Cloud, please visit. ww.ibm.com/cloud and follow us in twitter @IBMcloud.
For more on 10,000 Startups, a NASSCOM initiative, visit http://10000startups.com/.
Última edição por 5ms; 13-10-2015 às 11:19.
13-10-2015, 11:24 #9
PR: UAE's Etihad Airways signs $700 million IT deal with IBM
Abu Dhabi, UAE and Armonk, NY - 13 Oct 2015: Etihad Airways and IBM (NYSE: IBM) today announced a ten-year technology services agreement worth approximately US$700 million. This will allow the airline to enhance guest experience, develop world-class infrastructure and security, and improve efficiency.
The transformational agreement, one of the most important strategic collaborations by Etihad Airways, will provide access to the latest cloud-based technologies and services for the airline, its group companies and equity partners. Etihad Airways, one of the fastest-growing airlines in the world, carried 14.8 million passengers in 2014, and serves 113 passenger and cargo destinations.
IBM will deliver a range of secure and efficient technology services, allowing Etihad Airways and its partners to transform their IT infrastructure into global, flexible and agile cloud-based platforms to better serve their guests and employees.
The agreement includes plans for the creation of a new cloud data center in Abu Dhabi. The center, to be developed and operated by IBM, will be one of the most sophisticated technology facilities in the Middle East.
James Hogan, Etihad Airways’ President and Chief Executive Officer, said: “This is a long-term, strategic partnership which will allow Etihad Airways and its partners to harness the latest technologies as we deliver our award-winning services. This is a game-changing agreement for Etihad Airways, for our partners and employees, and for Abu Dhabi.”
IBM was selected due its global reach, its experience and alignment with Etihad Airways’ technology and innovation strategy of deploying cloud-first initiatives to simplify its technology systems, while offering greater capabilities for lower operational costs. The cloud, analytics, mobile, security and cognitive technologies will drive increased efficiencies and effectiveness for all Etihad Airways businesses, as well as for the Etihad Airways Partners.
Through IBM’s mobile solutions, developed under the Apple-IBM alliance, the airline will provide enhanced mobile capabilities to its employees and guests. Other solutions will enable airport operations to run more efficiently, which will improve the guest experience as a result of an enhanced end-to-end process.
IBM and Etihad Airways will create a joint technology and innovation council in Abu Dhabi to develop more personalised travel solutions using IBM’s global research capabilities and the airline’s industry expertise. The council will focus on value creation for Etihad Airways and its guests, as well as bringing technological innovation and benefits to Abu Dhabi and its people.
Robert Webb, Etihad Airways’ Chief Information and Technology Officer, said: “This landmark agreement, a fundamental part of our technology and innovation strategy, will bring us a global IT delivery platform that is secure, resilient and future-ready for Etihad Airways’ companies and equity partner airlines.
“We have chosen IBM as a global technology partner due to its commitment to its people, its experience in delivering such transformations, and its history of leadership and innovation in the airline industry. We are confident that this collaboration will ultimately enhance our guest experience and reinforce our competitive position further within the industry.”
Martin Jetter, Senior Vice President, IBM Global Technology Services, said: “By partnering with IBM in this transformation journey, Etihad Airways is accelerating the move to new technologies such as cloud computing and cognitive. These technologies will help the airline to improve efficiencies and achieve its ambitious growth plans as a globally integrated aviation group.”
Etihad Airways’ current data center, IT infrastructure, applications and security operations will be migrated to the new data center in Abu Dhabi, and disaster recovery will be managed at an IBM Cloud data center in Europe. This approach will allow the airline to scale and manage its IT resources more efficiently, while ensuring business continuity.
As part of the agreement, around 100 Etihad Airways information technology employees will transition to IBM, where they will have access to further IT skills development opportunities. IBM will manage the entire data center operation, including individual infrastructure services and IT helpdesk for Etihad Airways.
The collaboration provides a global framework for technology service delivery for Etihad Airways and its Etihad Airways Partner airlines, including Alitalia, airberlin, Jet Airways, Air Serbia, Air Seychelles and Etihad Regional.
The agreement was signed at the end of September 2015.
01-11-2015, 14:21 #10
bloqueei mensagens com o RDNS padrão da Softlayer.
- Data de Ingresso
- Jul 2012
A SL trocou o DNS reverso padrão de
xxx.......ip4.static.sl-reverse.com e os spams voltaram!
adicionando mais uma string nas as regras de bloqueio....