AMD Radeon Graphics Cards Open VMware Workstations to Attack

Threatpost | September 17, 2019

A remote code-execution bug exists in some configurations of the AMD Radeon graphics card that could allow an attacker to take control of a targeted system. The hack entails luring users of vulnerable systems to visit a specially crafted website that can deliver “a malformed pixel shader” to either a Radeon RX 550 or a Radeon 550 series graphics card. The prerequisites for the attack limit the scope of those impacted. According to Cisco Talos, which found the bug in May, the vulnerability only exists on systems running VMware Workstation 15 with the 64-bit version of Windows 10 running as the as guest VM. This vulnerability can be triggered by supplying a malformed pixel shader (inside VMware guest OS) to the AMD ATIDXX64.DLL driver. Such an attack can be triggered from a VMware guest usermode to cause a memory corruption on vmware-vmx.exe process on host, or theoretically through WEBGL (remote website),” according to the Talos Vulnerability Bulletin, published Monday.

Spotlight

Pure Storage partners with leading VDI vendors including Citrix and VMware to deliver superior end-user experiences with an infrastructure that is super simple to manage and offers an exceptional ROI to your business.

Spotlight

Pure Storage partners with leading VDI vendors including Citrix and VMware to deliver superior end-user experiences with an infrastructure that is super simple to manage and offers an exceptional ROI to your business.

Related News

VPN

OpenVPN Accelerates Next-Gen VPN Innovation and Business Momentum.

OpenVPN Inc. | September 02, 2021

OpenVPN, a leading global private networking and cybersecurity company, announced that businesses are rapidly adopting the company’s next-generation virtual private network (VPN) solutions to adapt to the changes in work and adoption of cloud accelerated by the COVID-19 global pandemic. Over the past 18 months, the company, at times, experienced as much as 70 percent growth, which, according to market research firms’ projections, was four times faster than the expected market growth rates. Adoption of its OpenVPN Cloud solution is growing even faster at 50 percent quarterly growth in monthly recurring revenue (MRR) over the last quarter. This rapid customer growth comes as businesses shifted IT priorities during the COVID-19 pandemic to best support remote workforces and accelerate digital strategies for growth, as well as expanding investment in the cloud. OpenVPN introduced its next-gen OpenVPN Cloud solution in May 2020 to help businesses of all sizes to quickly, easily, and cost-effectively connect private networks, devices, and servers to build a secure, virtualized modern network--without the need for complex and expensive proprietary hardware (routers, firewalls, and other traditional approaches). For organizations that use or plan to use Zero Trust Access (ZTA), Secure Access Service Edge (SASE) and Software Defined Networking (SDN), next-gen VPN is a critical layer that supports and accommodates these approaches. To support the adoption of its OpenVPN Cloud solution, the company continues to increase the number of worldwide PoPs. In addition, to support current and future growth, and add innovative and differentiating features, OpenVPN is aggressively hiring the best talent worldwide. “Sophisticated threats, regionally and remotely distributed workforces, work from home, the growth of IoT, and the move to the cloud make the old, rigid ways of connecting and insulating your assets obsolete. The days of legacy VPN as purely remote access or site-to-site are gone. Modern network architecture requires room for contemporary approaches to sit on top of a private networking foundation,” said Francis Dinha, Co-founder and CEO, OpenVPN. “Our continued and rapid growth can be attributed to our ability to help organizations secure the business at scale while providing a seamless experience even as priorities change whether it’s a pandemic, rapid rollout of digital strategies or accelerated cloud journey.” OpenVPN’s Growth Trajectory More Than 4x Market Projected Rate OpenVPN counts tens of thousands of businesses as customers around the world. The VPN market is expected to reach between $107.6 billion (ResearchAndMarkets.com) and $120 billion (Global Market Insights) by 2027, which represents a CAGR of between 15% and 17.2%. OpenVPN grew by as much as 70% during the last 18 months, which is four times faster than the expected market growth rate. In addition, more than 97% of its customers renew or expand the number of VPN connections. OpenVPN Cloud surpassed millions of connection hours per week, which represents 50% growth each quarter and is the company’s fastest growing solution since being introduced last year. In addition Cloud Service Providers including Amazon Web Services (AWS), Microsoft Azure and Oracle Cloud use the open source or commercial offerings from OpenVPN to enable secure access to its cloud services. OpenVPN Cloud - Redefining the Next Generation VPN for Modern Networks OpenVPN Cloud takes the complexity and high cost out of building and managing a secure private network. It delivers to its customers an elegant cloud-based solution with an adaptive and dynamic platform that can easily grow as businesses grow, whether connecting on-premises or to the IaaS cloud, which has attracted more DevOps and IT operations teams. OpenVPN Cloud helps businesses quickly, easily, and cost-effectively connect private networks, devices, and servers to build a secure and virtualized modern network. To make this possible, OpenVPN has vertically integrated technologies from advanced IP routing and secure access, threat detection and prevention, and firewall into its virtualized, mesh-connected, high-speed network platform with worldwide PoPs. The company continues to deliver enhancements to the platform with additional capabilities, including domain routing, Cyber Shield (DNS-based content filtering), and unique resource publishing and sharing. About OpenVPN OpenVPN is a leading global private networking (VPN) and cybersecurity company that allows organizations to truly safeguard their assets in a dynamic, cost effective, and scalable way. Our cloud-based next-gen VPN platform allows businesses to quickly and easily connect private networks, devices, and servers to build a secure, virtualized modern network. OpenVPN is used by tens of thousands of businesses around the world.

Read More

VPN

Versa Networks is Recognized as a Visionary in the Gartner Magic Quadrant for Network Firewalls

Versa Networks | November 09, 2021

Versa Networks, the recognized secure access service edge (SASE) leader, announced that Gartner has recognized it as a Visionary in the 2021 Magic Quadrant for Network Firewalls report. According to Gartner, “Network firewalls secure traffic bidirectionally across networks. Although these firewalls are primarily deployed as hardware appliances, clients are increasingly deploying virtual appliance firewalls, cloud-native firewalls from infrastructure as a service (IaaS) providers, and firewall as a service (FWaaS) offerings hosted directly by vendors.By 2025, 30% of new deployments of distributed branch-office firewalls will switch to firewall as a service, up from less than 10% in 2021.” The 2021 Magic Quadrant for Network Firewalls report evaluated 19 different vendors on several critical criteria and positioned Versa Networks in the Visionary Quadrant. Versa Networks was recognized for its Ability to Execute and Completeness of Vision in the Gartner Magic Quadrant. Versa Networks meets the demands of a post-pandemic workforce that is accessing corporate networks from any location in the world. Offering both the traditional hardware firewall solutions as well as FWaaS and public cloud firewall capabilities, Versa gives organizations the flexibility to deploy perimeter security for a hybrid, work-from-anywhere model. Versa’s network firewalls are part of the Versa Secure Access Service Edge (SASE) offering and provide comprehensive features including URL & IP-filtering, Antivirus, IPS/IDS, SSL Decryption, File Filtering, DNS Filtering, Captive Portal, Multi-Factor Authentication, Data Protection, Multi-tenancy, Secure Web Access, Zero Trust Network Access, Micro-Segmentation, Application Segmentation, and more. “We believe Versa Networks’ placement in the Gartner Visionary Quadrant in our first year of being evaluated in the Magic Quadrant for Network Firewalls validates our strategy and strong execution we set out to achieve since Day One. Nearly ten years ago, our founders Apurva and Kumar Mehta made the strategic decision to design Versa in a completely unique way, and we have delivered a truly superior security platform that reflects where the market is headed. We are delivering on our vision to offer networking and security in a single-pass data path architecture, which combines Software Defined Wide Area Networking, Next Generation Firewall, Unified Threat Management, and more. With a single management console, Versa eases policy enforcement and deployment anywhere when scaling to new locations or remote users, reducing costs all while enhancing security.” Kelly Ahuja, CEO with Versa Networks Versa’s network firewall functionality is offered as a component of Versa SASE, which delivers tightly integrated services via the cloud, on-premises, or as a blended combination of both via Versa Operating System (VOS) with a Single-Pass Parallel Processing architecture and managed through a single pane of glass. Versa began delivering SASE services such as VPN, Secure SD-WAN, Edge Compute Protection, Next-Generation Firewall, Next-Generation Firewall as a Service, Secure Web Gateway (SWG), and Zero Trust Network Access (ZTNA) more than five years ago. Versa uniquely provides contextual security based on user, role, device, application, location, security posture of the device, and content. As the leader in the fastest growing security and networking category, SASE, and executing on SASE services for years, Versa is the only solution proven to deliver the industry’s leading and differentiated architecture for high performance and security. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About Versa Networks Versa Networks, the leader in SASE, combines extensive security, advanced networking, industry-leading SD-WAN, genuine multitenancy, and sophisticated analytics via the cloud, on-premises, or as a blended combination of both to meet SASE requirements for small to extremely large enterprises and Service Providers, and via the simplified Versa Titan cloud service designed for Lean IT. Thousands of customers globally with hundreds of thousands of sites trust Versa with their networks, security, and clouds. Versa Networks is privately held and funded by Sequoia Capital, Mayfield, Artis Ventures, Verizon Ventures, Comcast Ventures, Liberty Global Ventures, Princeville Capital, RPS Ventures and Triangle Peak Partners.

Read More

SERVER VIRTUALIZATION

VIAVI Provides Benchmarking and Validation for Global O-RAN Plugfest

VIAVI | December 21, 2021

Viavi Solutions Inc. shared the company's role in the third annual global O-RAN plugfest hosted by Tier-1 communications service providers and the O-RAN ALLIANCE. The plugfest involved a series of on-site demonstrations across multiple countries, conducted in October and November 2021. VIAVI provided benchmarking and validation for plugfest tests and demonstrations at locations including: New Brunswick, USA, hosted by AT&T and Verizon with Rutgers University; Menlo Park, USA, hosted by AT&T and Verizon at the TIP Community Lab with Meta; Berlin, Germany, hosted by Deutsche Telekom; Madrid, Spain, hosted by Telefónica; Gurgaon, India, hosted by Airtel; Tokyo, Japan hosted by Yokosuka Research Park with participation from major service providers including Rakuten Mobile; and Taiwan hosted by Auray OTIC and Security Lab and Chunghwa Telecom. This year's plugfest demonstrated the rapid evolution of the O-RAN ecosystem with increasing focus on the RAN Intelligent Controller (RIC), which changes the way network resources are managed, bringing artificial intelligence and big data into day-to-day operations. To mitigate the risk involved in introducing this new technology, operators depended upon tools from VIAVI including the TeraVM RIC Test to test the performance of the RIC when presented with a wide range of RAN scenarios, to test the functionality of rApps and xApps, as well as provide the means to generate the data needed to train AI models. The VIAVI Test Suite for O-RAN Specifications also supported conformance, performance, interoperability and end-to-end testing: Open Radio Unit (O-RU) and Open Distributed Unit (O-DU) – Casa Systems Apex 5G Evo Radio was validated using the VIAVI TM500 O-RU Tester in conjunction with the Rohde & Schwarz SMW200A Vector Signal Generator (VSG), FSW Signal and Spectrum Analyzer and Vector Signal Explorer (VSE) software. Performance testing of the Sercomm Small Cell O-RU/O-DU was conducted using the VIAVI TeraVM O-CU Simulator and TeraVM Core Emulator. The Foxconn/WNC/Alpha/ITRI O-RU was tested using the VIAVI TM500 O-RU Tester. Open Central Unit (O-CU) – Performance (load/scale) testing of the Accelleran O-CU installed on a cloud native router was conducted using the VIAVI TeraVM O-CU Tester. Open Fronthaul (OFH) – OFH interoperability between Intel's FlexRAN™ reference software and Capgemini Engineering O-CU, O-DU and Core, with IP Infusion fronthaul switch as grandmaster clock, was validated using the VIAVI TM500 O-DU Tester and E500 UE Emulator. VIAVI also provided the T-BERD/MTS-5800 for Xhaul Transport and Synchronization testing on the Ciena 5164 and 5168 with grandmaster, and on the Cisco NCS540. End-to-end interoperability testing of the Foxconn O-RU with another vendor’s O-DU and O-CU was conducted with the VIAVI E500 UE Emulator and TeraVM Core Emulator. OFH and end-to-end interoperability was demonstrated between the TeraVM Core Emulator, Foxconn O-RU, Capgemini O-DU/O-CU and commercial device. RIC – The TeraVM RIC Test was used to validate the Accelleran dRAX™ RIC and xApps, and the TCS RIC and traffic steering xApp. TeraVM RIC Test also supported a demonstration of the Rakuten Communications Platform (RCP) enabling RAN self-healing and optimization, including rApp impact compensation with RAN optimization xApps working on latest O-RAN SC RIC stack. With each O-RAN plugfest, we have seen commitment from more service providers, a proliferation of vendors, and clearer signs that the technology is progressing toward maturity. In 2021, the scope of investigation has expanded beyond connectivity between O-RAN elements to automated assurance and optimization using the RIC and xApps." Sameh Yamany, Chief Technology Officer, VIAVI VIAVI offers the most comprehensive test platform on the market for lab validation, field deployment and service assurance of O-RAN networks, deployable on premise, in public or private clouds, and as Test as a Service (TaaS). With over 85% of NEMs using the VIAVI RANtoCore platform for gNB development, the company uniquely offers market-leading 5G and Open RAN test solutions for conformance, performance and interoperability of O-RU, O-CU, O-DU, RIC and Core elements. About VIAVI VIAVI is a global provider of network test, monitoring and assurance solutions for communications service providers, enterprises, network equipment manufacturers, government and avionics. We help these customers harness the power of instruments, automation, intelligence and virtualization to Command the network. VIAVI is also a leader in light management solutions for 3D sensing, anti-counterfeiting, consumer electronics, industrial, automotive, and defense applications.

Read More