Tag Archive for: Appliances

Delphix to Launch Continuous Ransomware Protection, DevOps Data Appliances


Delphix, the industry leader in DevOps test data management (TDM), today announced the launch of two new data appliances powered by Dell Technologies. Both appliances are fully engineered software solutions optimized for performance and reliability.

The Delphix CDP Appliance provides businesses with continuous data protection, multiple levels of ransomware detection, and the ability to automate instant recovery of multiple applications to a clean and data-consistent state. The Delphix DevOps Appliance provides the most advanced and secure TDM solution in the market, enabling customers to release software faster, safer, and at higher quality.

The Delphix CDP Appliance syncs data from enterprise applications in near-real time and creates a continuous, immutable data record, so applications can be recovered to any time, down to the second or a transaction boundary, for a near-zero recovery point objective (RPO). In contrast, traditional backups only protect data once a day, leaving the potential for a full day’s loss of critical business transactions.

In addition, the appliance enables the instant recovery of multiple applications using APIs for a near-zero recovery time objective (RTO). Business processes, like quote to cash, often create data dependencies and consistency challenges across applications. With this new appliance, businesses can quickly recover multiple applications to a data-consistent state, even across multiple points in time, in order to determine a clean data state prior to a ransomware attack.

The Delphix CDP Appliance is built on a zero trust architecture. All data is immutable, and retained data snapshots and policies can be locked from tampering or deletion. In addition, the appliance is a fully contained, isolated recovery environment that can optionally include application and database servers.

Today, businesses need to balance both security and innovation. Many companies leave test data security and provisioning up to individual application teams and administrators, often in violation of privacy compliance and industry regulations. The Delphix DevOps Appliances automate sensitive data discovery, masking, and delivery to fully protect consumer data privacy…


AT&T Looks to Shut Down Botnet that Attacked 5,700 Network Appliances


AT&T is working to stop a botnet that has infected at least 5,700 network edge servers inside its networks and appears designed to steal sensitive information and launch distributed denial-of-service (DDoS) attacks.

Researchers at Netlab, the network security unit of Chinese tech giant Qihoo 360, wrote in a report this week that the rapidly updated botnet was attacking voice-over-IP (VoIP) servers from Edgewater Networks that are housed within AT&T’s network and are designed to route traffic from enterprise customers to upstream mobile providers (in this case, AT&T).

The botnet was able to exploit an older vulnerability in unpatched EdgeMarc Enterprise Session Border Controllers (ESBCs) that is tracked as CVE-2017-6079. Once inside the appliances, the botnet installed a modular malware strain that the Netlab researchers dubbed EwDoor.

The researchers initially detected the botnet on Oct. 27, observing it attacking the ESBCs through the four-year-old vulnerability. They wrote that the botnet uses a “relatively unique” mount file system command in its payload.

A Short Window of Visibility

The initial version of EwDoor used a multiple command-and-control (C&C or C2) redundancy mechanism, but after having problems with the main C&C network, the botnet operators reconfigured the communication model and the researchers lost track of the botnet. However, during the short time they had sight of it, they confirmed that the targets were the Edgewater devices within the AT&T network and that all 5,700 appliances were located in the United States.

“So far, the EwDoor in our view has undergone 3 versions of updates, and its main functions can be summarized into 2 main categories of DDoS attacks and Backdoor,” they wrote. “Based on the attacked devices are telephone communication related, we presume that its main purpose is DDoS attacks, and gathering of sensitive information, such as call logs.”

The three updates occurred during November.

Exploiting the Edgewater Devices

According to the Netlab researchers, the botnet exploits a hidden page in the Edgewater appliances that includes user-defined commands. The bad actors can…


Sophos Unveils XGS Series Firewall Appliances


Sophos has today unveiled new XGS Series firewall appliances with unrivaled performance and advanced protection against cyberattacks.

Sophos says the new appliances feature industry-best Transport Layer Security (TLS) inspection, including native support for TLS 1.3, that is up to five times faster than other models available on the market today.

“Sophos Firewall XGS Series appliances represent the most significant hardware upgrade that we have ever released and introduce unmatched detection, protection and speed,” said Dan Schiappa, chief product officer at Sophos.

“Security teams can no longer afford to overlook encrypted traffic for fear of breaking something or hurting performance – there’s too much at risk. We’ve completely redesigned the Sophos Firewall hardware to handle the modern encrypted internet. Security teams now have the ability to easily inspect encrypted traffic and shine light on what was once a black hole, and they can confidently do so without compromising on performance,” Dan added.

Sophos Firewall XGS Series desktop and most 1U rackmount appliances will be available for immediate purchase exclusively through Sophos’ global channel of partners and managed service providers (MSPs). These models are ideally suited for small, medium and distributed organizations as an all-in-one network security solution with a strong price to performance ratio and diverse add-on connectivity options.

Additional models designed for enterprise edge environments requiring maximum throughput for more complex network configurations will be available in the coming weeks. Simplified licensing includes bundled protection with enhanced support.

At the same time, Sophos also published new research, “Nearly Half of Malware Now Use TLS to Conceal Communications,” identifying a surge in cybercriminals using TLS in their attacks. The increasingly popular tactic is used by adversaries to encrypt and encapsulate the content of malicious communications to avoid detection as they carry out attacks.

In fact, 45% of malware detected by Sophos from January through March 2021 used TLS to conceal malicious communications. That’s a staggering rise from…


EVs, Smart Appliances Pose Cybersecurity Risks


Electric vehicles and smart appliances, whose popularity among Americans is growing, pose a potential cybersecurity risk, a recent report from the Government Office of Accountability has warned.

“A growing number of consumers are using networked consumer devices that are connected to the grid’s distribution systems, such as electric vehicles and charging stations, and smart inverters,” the authors of the report said.

“These devices can be high wattage, which means they can demand a high amount of electricity from the grid. However, distribution utilities have limited visibility and influence on the use and cybersecurity of these devices because consumers typically control them, according to officials from a national laboratory.”

The GAO noted it had earlier established that so-called networked consumer devices could be vulnerable to cyberattacks, with hackers capable of compromising a high number of these devices by infecting them with malware and turning them into a botnet. The botnet could then be used to launch a large-scale attack on the grid.

For now, the risk is relatively low, the GAO said, but it warned that as the number of EVs and smart devices increases, so will the vulnerability of the grid from the direction of networked devices.

It is not just EVs and smart devices that increase the vulnerability of the U.S. grid, either. Rooftop solar installations could be potentially risky, too, according to the report.

“Distributed energy resources are increasingly connected to the grid’s distribution systems and may be leveraged in a cyberattack,” the authors wrote. “These devices can include rooftop solar units and battery storage units. When connected to the grid’s distribution systems, such devices may introduce vulnerabilities, according to federal officials we interviewed.”

Cyber vulnerability could be one aspect of the energy transition agenda that has so far remained overlooked. This agenda features both distributed energy systems and EVs heavily.

By Irina Slav for Oilprice.com
