VIRTUAL DESKTOP TOOLS,SERVER VIRTUALIZATION,SERVER HYPERVISORS
Fortinet | December 14, 2022
Fortinet issued an advisory Monday detailing the heap-based buffer overflow flaw, tracked as CVE-2022-42475, affecting multiple versions of its FortiOS SSL-VPN. Ranked a 9.3 on the common vulnerability scoring system, Fortinet warned the critical flaw could allow a remote unauthenticated attacker to execute arbitrary code.
"Fortinet is aware of an instance where this vulnerability was exploited in the wild, and recommends immediately validating your systems against the following indicators of compromise," Fortinet wrote in the advisory.
Patches are available, and Fortinet recommended upgrading to the latest versions as well as the unaffected earlier version of FortiOS. In an email to TechTarget Editorial, Fortinet said it also continues to monitor the situation.
While the company's Product Security Incident Response team made the advisory publicly available Monday, it was not the first notification on the critical flaw. Olympe Cyberdefense, a France-based cyber threat intelligence vendor, released an alert Friday citing that a "new critical flaw, not yet made public" affected Fortinet SSL-VPN.
The alert, which was first reported Monday by TechTarget sister publication Le Mag IT, warned the zero-day vulnerability was easy to exploit and that attackers could gain full control of intended devices. Additionally, Olympe Cyberdefense recommended disabling VPN-SSL functionality if it's not essential.
Olympe updated its alert once Fortinet confirmed the vulnerability and urged customers to patch.
In a statement sent to TechTarget Editorial, Claire Tills, senior researcher engineer at Tenable, noted the time gap between the Olympe's initial disclosure and Fortinet's advisory. "Three days after its initial public disclosure, Fortinet patched CVE-2022-42475 and confirmed it has been exploited in the wild," Tills said.
"Fortinet SSL-VPNs have been a major target for years now -- to the extent that the FBI and CISA issued a dedicated advisory to these flaws and their exploitation in 2021. Nation state actors are still known to exploit those legacy vulnerabilities in Fortinet SSL-VPNs. Given that this new vulnerability has already been exploited, organizations should patch CVE-2022-42475 immediately before it joins the ranks of other legacy VPN flaws."
Attacks targeting VPNs have been on the rise, with multiple government warnings since 2020 when remote work increased amid the COVID-19 pandemic. In October, FortiOS faced another critical vulnerability that allowed attackers to bypass authentication and was exploited in the wild. Like Monday's advisory, Fortinet was not the first to publicly disclose the flaw.
VIRTUAL DESKTOP TOOLS
Dell Technologies | November 18, 2022
Dell Technologies is expanding its industry leadership in data protection appliances and software1 to help customers protect their data on premises, in public clouds and at the edge.
The Dell PowerProtect Data Manager Appliance leads a series of advancements for multicloud data protection that are simple to use and easy to consume. Dell innovation in AI-powered resilience and operational security accelerates the adoption of Zero Trust architectures, helping protect organizations from the increasing threat of cyberattacks.
The new solutions help address rising data protection challenges facing organizations. According to the 2022 Dell Global Data Protection Index (GDPI) survey, organizations have experienced higher levels of natural and modern disasters than in previous years, resulting in more data loss, downtime and recovery costs. In the past year, cyberattacks accounted for 48% of all disasters (up from 37% in 2021), leading all other causes of data disruption. The survey also revealed 85% of organizations using multiple data protection vendors see a benefit in reducing their number of vendors. Furthermore, it revealed that organizations using a single data protection vendor incurred 34% less cost recovering from cyberattacks or other cyber incidents than those who used multiple vendors.
"With virtually everything connected to the internet in today's digital world, the need to protect valuable data is more important than ever, This digital landscape requires a modern data protection and security strategy to address cyber threats. Point solutions don't go deep or wide enough to help protect organizations. Dell helps customers strengthen cyber resiliency by offering integrated data protection software, systems and services to help ensure data and applications are protected and resilient wherever they live."
Jeff Boudreau, president and general manager, Infrastructure Solutions Group, Dell Technologies
The GDPI survey found that 91% of organizations are either aware of or planning to deploy a Zero Trust architecture – a cybersecurity model that shifts how organizations approach security from relying solely on perimeter defenses to a proactive strategy that only allows known, authorized traffic across system boundaries and data pipelines. However, only 23% are deploying a Zero Trust model and 12% are fully deployed. With embedded security features designed into the hardware, firmware and security control points, Dell's holistic approach helps organizations achieve Zero Trust architectures to strengthen cyber resiliency and help reduce security complexity.
The simplest path to modern data protection
Dell continues to deliver innovation for its data protection software, Dell PowerProtect Data Manager, to help organizations simplify their IT operations and reduce risk. PowerProtect Data Manager software addresses the increasing need for cyber resiliency and supports Zero Trust principles with new built-in operational security capabilities, such as multifactor authentication, dual authorization, and role-based access controls.
The Dell PowerProtect Data Manager Appliance offers a simple path to adopt modern data protection. The debut system is ideal for small and mid-sized use cases with support that scales from 12 to 96 terabytes of data.
The appliance offers customers a:
Modern, software-defined architecture: Allows automated discovery and protection of assets and delivers unique VMware protection with Transparent Snapshots to ensure the availability of all VMs without business disruption.
Secure, cyber resilient solution: Provides more secure access to restricted functions with Identity and Access Management to strengthen cyber resiliency.
Simple, unified user experience: Delivers software-defined data protection, making it easy to deploy and use.
"Dell PowerProtect Data Manager simplifies our backup environment, giving us the business agility needed to protect our data as we digitally transform," said James McNair, vice president, distributed systems manager, Trustmark Bank. "With the new PowerProtect Data Manager Appliance, we can more simply deploy Data Manager across our infrastructure, helping us be more efficient and strengthening our cyber resiliency."
Dell expands cyber recovery for fast, easy-to-deploy public cloud vaults
PowerProtect Cyber Recovery for Google Cloud enables customers to deploy an isolated cyber vault in Google Cloud to more securely separate and protect data from a cyberattack. Unlike standard cloud-based backup solutions, access to management interfaces is locked down by networking controls and can require separate security credentials and multi-factor authentication for access.
Organizations can use their existing Google Cloud subscription for purchasing PowerProtect Cyber Recovery through the Google Cloud Marketplace, and the service can be acquired directly from Dell and its channel partners.
The new offering marks the latest expansion of Dell's cyber recovery capabilities for public clouds, following this year's introduction of Dell PowerProtect for Microsoft Azure and CyberSense for Dell PowerProtect Cyber Recovery for AWS.
Dell APEX simplifies backup storage with flexible consumption options
Dell APEX Data Storage Services is expanding to offer a Backup Target option to provide more secure backup storage in a pay-per-use, flexible consumption model. The Backup Target service is easy for customers to adopt and streamlines the process of purchasing, deploying and maintaining backup storage. Building on Dell's leadership in data protection appliances and software1, the Backup Target helps reduce a customer's storage footprint and can increase data availability.
The new Dell APEX Data Storage Services Backup Target offer will support the increasing reliance on as-a-Service offerings to help overcome data protection challenges. Nearly every GDPI respondent (99%) identified at least one as-a-Service offering as a high priority to help overcome challenges for their organization. Storage as-a-Service (44%), Cyber Recovery as-a-Service (41%), and Backup as-a-Service (40%) ranked as the top three as-a-Service priorities.
Dell expands Future-Proof Program with new Cyber Recovery Guarantee
With cyber threats increasing and data becoming more valuable than ever, Dell plans to introduce in January a new Cyber Recovery Guarantee2 to provide assurance to customers that their data will be recoverable following a cyberattack. Dell will provide customers up to $10 million in reimbursement for qualifying expenses to assist in the recovery of data from ransomware and other cyber incidents in the event restoring data is not possible with Dell solutions.
The guarantee is designed to increase customer comfort and confidence in choosing Dell Data Protection Solutions, whether for data in production or, more securely, in a cyber vault. This new cyber recovery guarantee expands the Dell Technologies Future-Proof Program, which also includes a Data Protection Deduplication Guarantee3.
Seife Teklu, senior solutions architect, Arrow Electronics
"The integrated Dell PowerProtect Data Manager Appliance is easy to use and quick to deploy. This system will be a compelling option for our small to medium-sized customers needing to modernize data protection to help reduce risk and ensure business continuity."
Dell PowerProtect Data Manager Appliance is globally available this month in more than 30 countries across North America, Latin America, Europe and Asia Pacific.
Dell PowerProtect Data Manager software is globally available today.
Dell PowerProtect Cyber Recovery for Google Cloud Platform is globally available today.
Dell APEX Data Storage Services Backup Target will be globally available in the first quarter of 2023 in 16 countries across North America, Europe and Asia Pacific.
Dell's new Cyber Recovery Guarantee will be available in the US starting in January 2023.
About Dell Technologies
Dell Technologies helps organizations and individuals build their digital future and transform how they work, live and play. The company provides customers with the industry's broadest and most innovative technology and services portfolio for the data era.
Innovative Connecting Pte Ltd | November 25, 2022
Turbo VPN, developed by Innovative Connecting, a Singapore-based VPN provider, is providing worldwide access to content and endless entertainment for global users. Reputable for its super-fast and secure connection, this VPN service was established in 2018 and is trusted by 300 million users. Featuring a new tagline of "VPN for Everyone," Turbo VPN has quickly expanded its reach and is ready to serve internet users in more than 150 different countries. Turbo VPN uses an ultra-fast VPN to facilitate live streaming and gaming in high definition. Using secure, military-grade encryption and a no-logs policy, Turbo VPN is able to protect online data and minimize risks. Users can watch worldwide entertainment with just one click with Turbo VPN, including social media, streaming, and gaming.
With Turbo VPN, users can hide their address and location while being able to access streaming platforms cross-regionally. The VPN service also offers data security when connecting to mobile hotspots and public WiFi sources. By featuring a strict no-log policy and high-level encryption protocols, Turbo VPN offers a service that users can trust. Additionally, users will find this application simple to use, offering a one-tap connection to the desired VPN server.
Headquartered in Singapore, the company that developed Turbo VPN, Innovative Connecting, is a fast-growing technology company, trusted by over 300 million users globally. Innovative Connecting makes its customers the top priority, offering 24/7 customer care service and the utmost privacy. Innovative Connecting was founded with the vision to create a high-quality network that is accessible to everyone. It wanted to create a safe place for entertainment of all genres to be easily available to people of all ages. Founded in Singapore, a global hub for innovation and technology, Innovative Connecting focuses on connecting the world with technologies and believes in the power of the open web.
When using Turbo VPN, users can protect up to 5 devices at once while also freely streaming their favorite shows, regardless of whether they are abroad or at home. Users can access websites, apps, social media networks, and other online services without any slowdown. Turbo VPN is also practical for gamers who wish to minimize a game's latency and accelerate mobile game speeds. Turbo VPN can improve the gaming experience for users of many gaming apps and websites.
A Chrome-compatible version of Turbo VPN was released in June 2022. Turbo VPN is also compatible with iOS, Mac, Android, and Windows. This user-friendly application makes stable and fast VPN servers accessible to internet users worldwide. Turbo VPN is available for purchase for as little as $4.17 per month. One-month plans are available for $11.99. Subscribed Turbo VPN users receive unlimited access to over 21,000 fast and secure servers from over 45 countries without having to pay any extra download or usage fees.