Tag Archive for: continuous

Continuous attack attempts discovered on Atlassian Confluence zero day

/in


Following a coordinated disclosure of a zero-day vulnerability by Volexity in Atlassian Confluence, now known as CVE-2022-26134, attackers went wild to exploit it, according to Barracuda. 

Since the original disclosure and subsequent publication of various proofs of concept, researchers at Barracuda have analysed data from their installations worldwide and discovered large numbers of attempts to exploit this vulnerability. 

The exploit attempts range from benign reconnaissance to some relatively complex attempts to infect systems with DDoS botnet malware and cryptominers.

Atlassian Confluence is a tool that provides collaborative documentation. According to Barracuda, on June 2, information about CVE-2022-26134 was publicly released. Over the next weekend, various threat actors used the vulnerability and in no-time malicious actors became aware of it. The vulnerability allows unauthenticated, remote attackers to create new administrative accounts, execute privileged commands, and seize control of the servers.

Initially, Barracuda researchers were seeing a steady flow of attacks attempting to exploit this vulnerability, with several significant spikes. With the continuous monitoring on these attacks, and on the pattern, the researchers found that the overall volume dropped slightly in August. Attackers clearly have not given up on trying to exploit this vulnerability.

Exploitation attempts primarily originated from IP addresses in Russia, followed by the U.S., India, Netherlands, and Germany. Previous research showed that some of the payloads being delivered and the sources of the attacks.

“There is a steady flow of attacks over time and we foresee a significant amount of scanning and such attempts to continue for the time being,” says Tushar Richabadas, Senior Product Marketing Manager, Applications and Cloud Security, Barracuda.

“It is important to take steps to protect your systems. Now is the ideal time to opt for patching, especially if the system is internet-facing. Placing a web application firewall in front of such systems will provide an in-depth defense against zero-day attacks and other vulnerabilities.”

Earlier this year, Barracuda research identified…

Source…

Open Classroom For Continuous Training In IT (Information Technology)

/in


easy use, IT or Information Technology (for its abbreviated form in English) requires more continuous training than any other field. Updating knowledge in programming, data analysis or computer security is imperative for professionals who are increasingly in demand. Systems engineer Ignacio Perez, head of security at Aragonesa de Servicios Telemáticos (AST), knows this all too well.

“If you leave university you will have to dedicate 10% of your salary to training; Centers for advanced technologies, such as CTAs, are of great relevance”, he explains, especially for those who complete their degrees and Let’s start labor in the market. ,When you already have some experience, the courses offered by CTAs certified by manufacturers complementBut when you start working they bring a advancement in the field It is important to give you the technical knowledge, which is very different from the academic ones, that facilitates the approach of companies». Furthermore, “they are usually very expensive courses and the CTA gives them for free”, although with prior exams and selections, he recalls Aragon’s “good position” in computing.

Progress in the field of work. For Inmaculada Sanz, industrial engineer Who has finished working in this field, going through CTA has been decisive. “I was working in an SME for 20 years, but in this 2022 I had to look for a job. So I signed up for a course on Data Visualization on ‘Tableau Servers’ in which I was the only unemployed person.

Came from other companies to learn how to implement this tool. And being in the course they told me there was a company that was looking for someone for data analysis, they called me and I’m already working”, she explains, reassuring be “in an emerging field” and Grateful for the opportunity that the CTA, dependent on the Aragonese Employment Institute, has given him. “The best part is that they try to customize the curriculum as per the requirement of the industry», that is, they make possible anything simple and difficult, as well as matching supply and demand in the labor market.

get closer to reality, Christiane, one of the students who passed out from the CTA, who hasn’t…

Source…

Delphix to Launch Continuous Ransomware Protection, DevOps Data Appliances

/in


Delphix, the industry leader in DevOps test data management (TDM), today announced the launch of two new data appliances powered by Dell Technologies. Both appliances are fully engineered software solutions optimized for performance and reliability.

The Delphix CDP Appliance provides businesses with continuous data protection, multiple levels of ransomware detection, and the ability to automate instant recovery of multiple applications to a clean and data-consistent state. The Delphix DevOps Appliance provides the most advanced and secure TDM solution in the market, enabling customers to release software faster, safer, and at higher quality.

The Delphix CDP Appliance syncs data from enterprise applications in near-real time and creates a continuous, immutable data record, so applications can be recovered to any time, down to the second or a transaction boundary, for a near-zero recovery point objective (RPO). In contrast, traditional backups only protect data once a day, leaving the potential for a full day’s loss of critical business transactions.

In addition, the appliance enables the instant recovery of multiple applications using APIs for a near-zero recovery time objective (RTO). Business processes, like quote to cash, often create data dependencies and consistency challenges across applications. With this new appliance, businesses can quickly recover multiple applications to a data consistent state, even across multiple points in time, in order to determine a clean data state prior to a ransomware attack.

The Delphix CDP Appliance is built on a zero trust architecture. All data is immutable, and retained data snapshots and policies can be locked from tampering or deletion. In addition, the appliance is a fully contained, isolated recovery environment that can optionally include application and database servers.

Today, businesses need to balance both security and innovation. Many companies leave test data security and provisioning up to individual application teams and administrators, often in violation of privacy compliance and industry regulations. The Delphix DevOps Appliances automate sensitive data discovery, masking, and delivery to fully protect consumer data privacy…

Source…

NowSecure’s Brian Reed: Agencies Need Continuous Monitoring Model to Protect Mobile App Portfolios

/in



Brian Reed, chief mobility officer at NowSecure, said government agencies should have programs in place to facilitate continuous monitoring of mobile applications to detect and address vulnerabilities that could pose security risks to employees and data.

Reed wrote that agencies should commit to ensuring the security of mobile apps and establish mission data protections and access restrictions.

He called on agencies to conduct a thorough review of employees’ access to mission-oriented apps by developing “profile differences based on levels of device control and authority versus mission requirements.”

Agencies should come up with a vetting program for mobile apps, which Reed said involves three stages. The initial stage calls for organizations to develop an inventory of all the devices and apps on the network and the second phase requires the establishment of a process for assessing new applications. The last stage focuses on continuous monitoring of every mobile app’s new version once it is launched.

“By understanding and addressing the risks associated with mobile apps, agencies can support employee productivity with mobile tools while protecting mission data on the device, in the apps and over the network,” Reed noted.

He cited NowSecure’s automated software offering and how it helps agencies perform continuous app monitoring to safeguard their app portfolios.

Source…