VMware, Cisco Systems issue security warnings

itworldcanada.com | July 04, 2019

IT administrators have been warned by two of the biggest suppliers of enterprise products of security vulnerabilities.VMware issued an important alert this week for updates after finding 30 of its products are vulnerable to the recently discovered Linux kernel TCP Selective Acknowledgement (SACK) vulnerabilities. Those bugs could lead to a distributed denial of service attack against those products, the company said.Meanwhile Cisco Systems said it is updating the firmware on a number of its Small Business 250, 350, 350X, and 550X as well as the FindIT Network Probe after researchers at a security firm discovered that by using a third party software library security certificates from a Huawei Techonologies subsidiary had been included in the Cisco products.

Spotlight

Virtualization is a technology that provides a way for a machine (Host) to run another operating system (guest virtual machines) on top of the host operating system. SUSE Linux Enterprise Server includes the latest open source virtualization technologies, Xen and KVM. With these hypervisors, SUSE Linux Enterprise Server can be used to provision, deprovision, install, monitor and manage multiple virtual machines (VM Guests) on a single physical system (for more information see Hypervisor).

Spotlight

Virtualization is a technology that provides a way for a machine (Host) to run another operating system (guest virtual machines) on top of the host operating system. SUSE Linux Enterprise Server includes the latest open source virtualization technologies, Xen and KVM. With these hypervisors, SUSE Linux Enterprise Server can be used to provision, deprovision, install, monitor and manage multiple virtual machines (VM Guests) on a single physical system (for more information see Hypervisor).

Related News

VIRTUAL DESKTOP TOOLS

Trellix Finds Business Services Top Target of Ransomware Attacks

Trellix | July 19, 2022

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released The Threat Report: Summer 2022, analyzing cybersecurity trends and attack methods from the first quarter of 2022. The report features research from Trellix Threat Labs into connected healthcare and access control systems. It also includes analysis of email security trends and details the evolution of Russian cybercrime related to the conflict in Ukraine where new malware or methods have yet to be observed. Key findings: Increased Threats to Business Services: Companies providing IT, finance and other types of consulting and contract services were targeted by adversarial actors more often, demonstrating cybercriminals desire to disrupt multiple companies with one attack. Business services accounted for 64% of total U.S. ransomware detections and was the second most targeted sector behind telecom across global ransomware detections, malware detections, and nation-state backed attacks in Q1 2022. Ransomware Evolution: Following the January arrests of members of the REvil ransomware gang, payouts to attackers declined. Trellix also observed ransomware groups building lockers targeting virtualization services with varied success. Leaked chats from the quarter’s second most active ransomware gang, Conti, which publicly expressed allegiance to the Russian administration, seem to confirm the government is directing cybercriminal enterprises. Email Security Trends: Telemetry analysis revealed phishing URLs and malicious document trends in email security. Most malicious emails detected contained a phishing URL used to steal credentials or lure victims to download malware. Trellix also identified emails with malicious documents and executables like infostealers and trojans attached. “With the merging of our digital and physical worlds, cyberattacks cause more chaos in our daily lives, Adversaries know they are being watched closely; the absence of new tactics observed in the wild during the war in Ukraine tells us tools are being held back. Global threat actors have novel cyber artillery ready to deploy in case of escalation and organizations need to remain vigilant.” -Christiaan Beek, Lead Scientist and Senior Principal Engineer, Trellix. The Threat Report: Summer 2022 leverages proprietary data from Trellix’s network of over one billion sensors, open-source intelligence and Trellix Threat Labs investigations into prevalent threats like ransomware and nation-state activity. Telemetry related to detection of threats is used for the purposes of this report. A detection is when a file, URL, IP-address, suspicious email, network behavior or other indicator is detected and reported via the Trellix XDR ecosystem. Additional Resources Trellix Threat Center Trellix Threat Labs Blog The Threat Report: Summer 2022 About Trellix- Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security.

Read More

VIRTUAL SERVER INFRASTRUCTURE

OrionVM and Blaize Launch New AI-as-a-Service (AIaaS) Offering

OrionVM | September 07, 2022

OrionVM, Infrastructure as a Service (IaaS) provider and cloud computing pioneer, announced today the addition of technology partner Blaize®, the artificial intelligence (AI) computing innovator revolutionizing edge and automotive computing solutions, to create a new AI as a service (AIaaS) offering. This first-of-its-kind partnership will empower organizations across multiple industries to launch their AI solutions more quickly and efficiently, including machine learning across vast data sets. Under the agreement, both companies' global sales teams will sell Blaize's AI applications, enabled and powered by OrionVM's optimized cloud platform. The Blaize AIaaS solutions can be utilized in three possible scenarios: Blaize's unique Graph Streaming Processor (GSP®) chips for edge AI and sensor fusion applications cards can now be virtualized on the OrionVM cloud platform. Dedicated AI environments for clients can be easily created with virtualized GSPs. For example, they can be integrated into video surveillance technology on the edge providing sophisticated and constantly-updated analysis of events. The latest version of Blaize AI Studio is now available on the OrionVM cloud platform, allowing for the development of AI applications that can quickly be set up to perform workloads without needing to purchase and configure complex hardware environments. "Before the availability of next-gen cloud solutions like ours, AI was cost-prohibitive owing to steep infrastructure spend and a shortage of qualified programmers. Now, companies do not need to build their clouds, or rely on inflexible and expensive public clouds to build, test, and utilize their artificial intelligence systems. They can now take advantage of data insights through AIaaS without expensive up-front investments. This allows them to harness the power of machine learning at significantly lower costs," said Daniel Pfeiffer, COO and VP Partnerships for OrionVM. "We are excited to see offerings like Blaize's AIaaS provide cloud advantages such as enterprise security and the ability to instantly deploy and scale." Blaize's AI applications are now available on OrionVM's resilient, secure, high-performing infrastructure, enabling customers to run Blaize AI solutions on the industry's most efficient, flexible cloud platform. Customers will be able to deploy combined offerings to solve industry challenges in several verticals, including: Security and Video Surveillance Smart Retail Smart City and Transportation Services Life Sciences and Healthcare "We built our AI solutions with a deep understanding of where AI technology began and where it can go. Our innovative approach has helped companies across various industries because we address their need for products purpose-built for the requirements of edge AI, Our solutions allow customers flexibility by programming AI solutions to fit their specific requirements. Our advanced code-free AI software also uniquely implements "edge-aware" transfer learning and optimizations for higher accuracy post-model compression. The possibilities are almost limitless." Dinakar Munagala, Blaize Co-founder and CEO The AI industry has seen significant growth in the last few years, particularly during the pandemic, and this upward trend is expected to continue. According to International Data Corporation (IDC), worldwide spending on AI will increase from $50.1 billion in 2020 to more than $110 billion by 2024. Digital healthcare, manufacturing and retail businesses are likely to expand their use of edge computing by 2028, according to the Linux Foundation's State of the Edge report. These sectors have already demonstrated interest in AI technology's ability to improve response times and save bandwidth, while enabling less constrained data analysis. As businesses of various industries increasingly need to process large sets of data and harness the power of AI, they will seek out efficient and cost effective ways to bring AI technology into the fold. For more information on the OrionVM and Blaize AI offerings, please visit https://www.orionvm.com/BlaizeAI. For more information on Blaize, please visit https://www.blaize.com. About OrionVM: OrionVM has developed a proprietary suite of cloud infrastructure "building blocks" that form a new blueprint for the delivery and monetization of cloud-based technology solutions. The core architecture for these building blocks, categorized as Infrastructure as a Service ("IaaS"), has already been used in many industries, with proven traction from leading managed services providers (MSPs), tier 1 telcos and Fortune 500 companies. The OrionVM Cloud Platform supports private, public, hybrid & bare-metal cloud deployments and is built either for internal consumption or resale. OrionVM's purpose-built stack uses InfiniBand and is benchmarked to outperform the incumbent clouds, at a lower price point due to the extreme efficiency and reduced cost of goods sold. Self-service web portals allow clients to quickly launch their own enterprise-grade cloud services with zero capital expenditure. About Blaize: Blaize is a leading provider of a proprietary purpose-built, full-stack hardware architecture and low-code/no-code software platform that enables edge AI processing solutions at the network's edge for computing in multiple large and rapidly-growing markets — automotive, mobility, retail, security, industrial automation, medical devices, and many others. Blaize's novel solution solves the technical problem that edge AI processing requires across those verticals — very low latency and high thermal and power efficiency — which previously relied on retrofitting sub-optimized AI solutions designed more for data centers and the cloud. Blaize has previously raised over $180MM from strategic investors such as DENSO, Daimler, Magna, and Samsung, and financial investors such as Franklin Templeton, Temasek, GGV, and others.

Read More

VIRTUAL DESKTOP STRATEGIES

OpsRamp Powers VSO’s Hybrid, Multi-Cloud Management Services

OpsRamp | September 15, 2022

OpsRamp, the digital operations management company, has partnered with Virtual Service Operations (VSO), a leader in hybrid and multi-cloud managed services, to power VSO’s virtual Service Quality Operations Division (vSQOD) Managed Services offering. VSO is using OpsRamp’s digital operations management platform for monitoring and alerting of hybrid and multi-cloud workloads and patching-as-a-service across its customer accounts. VSO manages a variety of technologies, both on-customer-premises and in public cloud environments, all unified in the OpsRamp platform. The OpsRamp multi-tier, multi-tenant SaaS-based platform allows VSO to monitor and manage Amazon Web Services, Microsoft Azure, IBM Cloud, VMware, Kubernetes, and much more from a single pane of glass. “The benefit of OpsRamp is that it goes across all of those different cloud environments and our on-premises footprint as well, We are able to monitor globally, by region, and by customer.” Laura Richardson, Chief Technology Officer of VSO VSO supports multiple environments 24/7 through its vSQOD service, using OpsRamp for alert handling, event correlation and escalation, integrated with Jira Service Management. Improved uptime, greater resiliency and security, and lower operational costs are all benefits customers have enjoyed from working with VSO, powered by OpsRamp. “It all starts in OpsRamp,” said Richardson. “We use OpsRamp as a clearinghouse for alerts, then after event correlation it feeds Jira with actionable tickets. We can quiet the noise so the tickets that hit Jira get immediate focus.” More than 60% of the vSQOD are veterans of the US Armed Forces. VSO founders Steve O’Keefe and John Birch launched the company at the start of 2018 with a veteran-centric mission propelled by their past experience working with highly-trained and adaptable service members. While some of vSQOD’s hires come to the firm with subject matter expertise in IT that they gained in the military, VSO offers transitioning service members with an interest in tech the opportunity to train with Skillbridge before separation from the armed forces. They can then advance their technical training through internal skill-mapping or partnership courses once in the field. “We hire veterans, train them in teams and deploy them in teams,” said Richardson. “More than 200,000 people exit the military each year, after having spent years in one or more of the US military’s 4000 schools. It’s a great pool of talent to draw from. Veterans work well in teams, have excellent leadership qualities, and thrive as IT professionals. VSO’s Managed Services are outstanding because of them.” “OpsRamp is honored to be the IT operations management platform of choice for VSO and support its mission of hiring and training veterans for careers in IT,” said Jim Lampert, vice president of global strategic accounts at OpsRamp. “OpsRamp helps MSPs to grow their business, improve customer outcomes and reduce operational costs.” VSO is one of several recent customer success stories OpsRamp has announced in the MSP space including: Liquid IT: Reduced alert noise by 95% resulting in lower mean time to detect and resolve incidents and increased service availability. Pinnacle Technology Partners: Reduced alert floods so they now only have to respond to critical events, allowing them to reduce mean time to repair, and automate high-volume, time-consuming IT operations tasks. WinWire: Reduced event noise by 90%, automated 70% of routine IT operations tasks and managed the same number of clients with 50% less staff effort. About OpsRamp: OpsRamp is a digital operations management software company whose SaaS platform is used by managed service providers and enterprise IT teams to monitor and manage their cloud and on-premises infrastructure. Key capabilities of the OpsRamp platform include hybrid infrastructure discovery and monitoring, event and incident management, and remediation and automation, all of which are powered by artificial intelligence. About VSO: Virtual Service Operations is a U.S.-based Managed Services and Engineering firm for infrastructure, cloud, and hybrid environments. Its military veteran workforce provides reliable, secure, and cost-effective solutions for companies in need of a flexible, affordable approach to hybrid architecture and data management.

Read More