CenturyLink partners with VMware and AWS to deliver hybrid-cloud solutions

Silicon Angle | December 17, 2019

When it comes to network integration, connectivity and workload management, CenturyLink Inc. has positioned itself squarely in the hybrid-cloud ecosystem. In August, the company announced the launch of its Private Cloud Service for VMware Inc. on AWS. CenturyLink has already seen use cases where its managed information-technology services and cloud connectivity expertise can help customers pursue new solutions.“We’re working with an airline that wants to start building a series of initiatives to sell vacation packages and be very creative in how they market and deliver those, pulling through airline sales along the way,” said David Shacochis (pictured, left), vice president of product management at CenturyLink. “They’re going to be designing those digital initiatives in AWS, but they need access to flight, schedule, and logistics information that they keep inside of their VMware environment.

Spotlight

Want to grab an inexpensive AMD Ryzen 7, 8 core / 16 thread CPU for a low-cost VMware ESXi 6.5 home lab? We tried it and saw the dreaded VMware Pink Screen of Death. You can read more about the setup here: https://www.servethehome.com/amd-ryze...


Other News
VMWARE

Cybercriminals Target Linux-based Systems With Ransomware and Cryptojacking Attacks

VMware | February 09, 2022

As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker’s ticket into a multi-cloud environment. Current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks that target Linux-based workloads. VMware, Inc. released a threat report titled “Exposing Malware in Linux-based Multi-Cloud Environments.” Key findings that detail how cybercriminals are using malware to target Linux-based operating systems include: Ransomware is evolving to target Linux host images used to spin workloads in virtualized environments; 89 percent of cryptojacking attacks use XMRig-related libraries; and More than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly. Cybercriminals are dramatically expanding their scope and adding malware that targets Linux-based operating systems to their attack toolkit in order to maximize their impact with as little effort as possible. Rather than infecting an endpoint and then navigating to a higher value target, cybercriminals have discovered that compromising a single server can deliver the massive payoff and access they’re looking for. Attackers view both public and private clouds as high-value targets due to the access they provide to critical infrastructure services and confidential data. Unfortunately, current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks on Linux-based operating systems.” Giovanni Vigna, senior director of threat intelligence at VMware As malware targeting Linux-based operating systems increases in both volume and complexity amid a rapidly changing threat landscape, organizations must place a greater priority on threat detection. In this report, the VMware Threat Analysis Unit (TAU) analyzed the threats to Linux-based operating systems in multi-cloud environments: ransomware, cryptominers, and remote access tools. Ransomware Targets the Cloud to Inflict Maximum Damage As one of the leading breach causes for organizations, a successful ransomware attack on a cloud environment can have devastating consequences.(2) Ransomware attacks against cloud deployments are targeted, and are often combined with data exfiltration, implementing a double-extortion scheme that improves the odds of success. A new development shows that ransomware is evolving to target Linux host images used to spin workloads in virtualized environments. Attackers are now looking for the most valuable assets in cloud environments to inflict the maximum amount of damage to the target. Examples include the Defray777 ransomware family, which encrypted host images on ESXi servers, and the DarkSide ransomware family, which crippled Colonial Pipeline’s networks and caused a nationwide gasoline shortage in the U.S. Cryptojacking Attacks Use XMRig to Mine Monero Cybercriminals looking for an instant monetary reward often target cryptocurrencies using one of two approaches. Cybercriminals either include wallet-stealing functionality in malware or they monetize stolen CPU cycles to successfully mine cryptocurrencies in an attack called cryptojacking. Most cryptojacking attacks focus on mining the Monero currency (or XMR) and VMware TAU discovered that 89 percent of cryptominers used XMRig-related libraries. For this reason, when XMRig-specific libraries and modules in Linux binaries are identified, it is likely evidence of malicious cryptomining behavior. VMware TAU also observed that defense evasion is the most commonly used technique by cryptominers. Unfortunately, because cryptojacking attacks do not completely disrupt the operations of cloud environments like ransomware, they are much more difficult to detect. Cobalt Strike Is Attackers’ Remote Access Tool of Choice In order to gain control and persist within an environment, attackers look to install an implant on a compromised system that gives them partial control of the machine. Malware, webshells, and Remote Access Tools (RATs) can all be implants used by attackers in a compromised system to allow for remote access. One of the primary implants used by attackers is Cobalt Strike, a commercial penetration testing and red team tool, and its recent variant of Linux-based Vermilion Strike. Since Cobalt Strike is such a ubiquitous threat on Windows, the expansion out to the Linux-based operating system demonstrates the desire of threat actors to use readily available tools that target as many platforms as possible. VMware TAU discovered more than 14,000 active Cobalt Strike Team Servers on the Internet between February 2020 and November 2021. The total percentage of cracked and leaked Cobalt Strike customer IDs is 56 percent, meaning that more than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly. The fact that RATs like Cobalt Strike and Vermilion Strike have become a commodity tool for cybercriminals poses a significant threat to enterprises. “Since we conducted our analysis, even more ransomware families were observed gravitating to malware targeting Linux-based systems, with the potential for additional attacks that could leverage the Log4j vulnerabilities,” said Brian Baskin, manager of threat research at VMware. “The findings in this report can be used to better understand the nature of this malware and mitigate the growing threat that ransomware, cryptomining, and RATs have on multi-cloud environments. As attacks targeting the cloud continue to evolve, organizations should adopt a Zero Trust approach to embed security throughout their infrastructure and systematically address the threat vectors that make up their attack surface.” Methodology The VMware Threat Analysis Unit (TAU) helps protect customers from cyberattacks through innovation and world-class research. TAU is composed of malware analysts, reverse engineers, threat hunters, data scientists, and intelligence analysts at VMware. To understand how to detect and prevent attacks that bypass traditional, file-centric, prevention strategies, TAU focuses on techniques that were once the domain of advanced hackers and are now moving downstream into the commodity attack market. The team leverages real-time big data, event streaming processing, static, dynamic and behavioral analytics, and machine learning. TAU applied a composition of static and dynamic techniques to characterize various families of malware observed on Linux-based systems based on a curated dataset of metadata associated with Linux binaries. All the samples in this dataset are public and therefore they can be easily accessed using VirusTotal or various websites of major Linux distributions. TAU collected more than 11,000 benign samples from several Linux distributions, namely, Ubuntu, Debian, Mint, Fedora, CentOS, and Kali. TAU then collected a dataset of samples for two classes of threats, namely ransomware and cryptominers. Finally, TAU collected a dataset of malicious ELF binaries from VirusTotal that were used as a test malicious dataset. TAU started collecting the dataset in June 2021 and concluded in November 2021. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.

Read More

VMWARE

Alibaba Cloud and VMware Deliver Next-Generation Alibaba Cloud VMware Service to Accelerate Digital Innovation

Alibaba | April 21, 2022

Alibaba Cloud and VMware, Inc. today announced the next evolution of Alibaba Cloud VMware Service, a jointly-developed public cloud service. With Alibaba Cloud VMware Service, enterprises across China can accelerate enterprise cloud transformation to support digital innovation with lower costs and risk Alibaba Cloud VMware Service enables enterprises in China to migrate and modernize applications faster and seamlessly move workloads between on-premises VMware environments and Alibaba Cloud at scale. Alibaba Cloud VMware Service is operated by Alibaba Cloud, the digital technology and intelligence backbone of Alibaba Group. The service features the power of the entire VMware Cloud stack running natively on Alibaba Cloud’s advanced infrastructure to maximize performance, availability, security and increase workload density. Customers can use a consistent VMware Cloud platform that can support vMotion migration of workloads to Alibaba Cloud VMware Service with zero disruptions. “In today’s app-driven economy, more and more Chinese enterprises are adopting a hybrid cloud model to accelerate their digital transformation,” said Mark Lohmeyer, senior vice president and general manager, Cloud Infrastructure Business Group at VMware. “Alibaba Cloud VMware Service helps customers modernize applications, infrastructure and operations faster with demonstrable economic benefits and less risk.” “Alibaba Cloud VMware Service enables enterprises to seamlessly migrate workload to cloud and reduce the costs of both operations and migration,” said Ms. Lijuan Chen, Vice President of Alibaba Group. “It also helps enterprises leverage leading cloud technologies to further unlock the benefits of digital transformation.” With the integration of VMware’s innovative technologies and Alibaba Cloud services, Alibaba Cloud VMware Service is an ideal cloud platform on which to run enterprise applications, featuring: Enterprise-Grade Compute, Storage, Networking Capabilities: ideal platform for customers’ enterprise applications. Designed for business-critical/tier-1 workloads with high availability, strong security, and granular resource control built into the core VMware Cloud infrastructure. Unified Infrastructure and Management: consistent infrastructure and operations. Achieve high visibility and automation through unified VMware Cloud infrastructure and management running and operating across on-premises and Alibaba Cloud environments supporting both VMs and containers. Security and Disaster Recovery: better protect apps and workloads with faster recovery outages. Create offsite disaster recovery site to safeguard VMs in any operating system and application, achieve fast and predictable recovery time objectives (RTOs), and automate disaster recovery workflows to reduce disaster recovery costs. Service complies with China's cybersecurity regulations and provides extremely high security and availability to help enable business continuity. Comprehensive App Modernization Platform: modernize enterprise applications faster. Combine Kubernetes, popular developer tools and frameworks, and access to native Alibaba Cloud services to achieve a fast path to production for applications. Attractive TCO: lower upfront migration and ongoing operating costs. Familiar vSphere capabilities maximize the value of the underlying hardware resources. Advanced infrastructure enables on-demand scaling of capacity based on business needs. Costs of retooling, re-platforming, and retraining to move vSphere workloads to non-vSphere public clouds are mostly eliminated. IT Operations Efficiency: leverage investments in people and processes. Skills built up over years of VMware experience are directly transferable to Alibaba Cloud VMware Service. No retraining or new hires are needed to accommodate the entirely different operational processes required for running traditional or cloud native applications in a VMware-based public cloud. “Seeing the benefits of the public cloud, we considered adopting hybrid cloud for our environments, but initially there wasn’t a consistent public cloud platform with the same VMware architecture,” said Mr. Ming Xu, deputy director of process and IT department at United Automotive Electronics Co., Ltd. “After deploying Alibaba Cloud VMware Service, we solved many challenges including enabling seamless cloud migration with no negative effects on the core business, efficiently managing simultaneous environments on and off the cloud, and removing the high cost of data center operations. The service also enhanced elastic scaling and rapid expansion of VMware resources on the cloud.”

Read More

VIRTUAL DESKTOP STRATEGIES

Datometry Hyper-Q Now Available in the Microsoft Azure Marketplace

Datometry | March 15, 2022

Datometry, the pioneer in database virtualization and a Microsoft Global Partner, today announced the availability of the Datometry Hyper-Q platform in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. Datometry customers can now take advantage of the productive and trusted Azure cloud platform with streamlined deployment and management. Datometry Hyper-Q is the first virtualization platform that lets applications written for a specific database, including Teradata and Oracle, run natively on Microsoft Azure Synapse. Hyper-Q enables enterprises to re-platform to Microsoft Azure without a time-consuming, costly, and risk-laden manual database migration. Hyper-Q emulates in real-time all database functionality that existing applications rely on using Microsoft Azure Synapse. With Hyper-Q, enterprises can modernize their data warehouse on average in under 40 weeks, without disrupting the business, while achieving cost savings of over 90% compared to other approaches. "Microsoft Azure Marketplace has proven to be a tremendous accelerator for our sales cycles," says Chad Bonner, VP of Worldwide Sales, Datometry. "Customers are able to shorten their procurement times by weeks if not months. We also save time in budget allocations because customers can deploy funds from their Microsoft Azure commitment directly to Datometry." We're pleased to welcome the Datometry Hyper-Q database virtualization platform to the Microsoft Azure Marketplace, which gives our partners great exposure to cloud customers around the globe. Azure Marketplace offers world-class quality experiences from global trusted partners with solutions tested to work seamlessly with Azure." Jake Zborowski, General Manager, Microsoft Azure Platform at Microsoft Corp The Azure Marketplace is an online market for buying and selling cloud solutions certified to run on Azure. The Azure Marketplace helps connect companies seeking innovative, cloud-based solutions with partners who have developed solutions that are ready to use. About Datometry Datometry is the leader in database system virtualization. Datometry's technology frees enterprises from vendor lock-in on their on-premises database technology and accelerates any enterprise's journey to the cloud. Datometry Hyper-Q empowers enterprises to run their existing applications directly on a cloud database of their choice without the need for costly and risk-laden database migrations. Leading Fortune 500 and Global 2000 enterprises worldwide realize significant cost savings and out-innovate their competition with Datometry during this critical period of transformation to cloud-native data management.

Read More

SECURITY

Intelligent Waves LLC Names Tony Crescenzo as Chief Executive Officer

Intelligent Waves LLC | January 20, 2022

Intelligent Waves LLC, a leading-edge trusted IT systems integrator that delivers high-impact transformational IT solutions to Government’s most mission-critical challenges, is pleased to announce that Tony Crescenzo, IW’s President, has been promoted to the position of Chief Executive Officer. In addition, Jared Shepard, IW’s founder, and the owner will continue to lead IW in the role of Chairman of the Board. Under Crescenzo's leadership, the company has experienced two consecutive years of aggressive growth and profitability. "Intelligent Waves has grown and matured into a respected market leader,” stated Jared Shepard. “By initially hiring Tony Crescenzo as President in 2020, I set a strategic goal of elevating IW's growth trajectory and scalability to the next level. It has been awesome to see how Tony Crescenzo's leadership has materialized my vision for the company. Tony's high-energy leadership style and ability to recruit top management talent has enabled us to maximize the value and impact of our company." Intelligent Waves has recently successfully launched several innovative and disruptive cybersecurity solutions that serve the Defense and Intelligence Community, including GRAYPATH, an ultra-secure next-generation VPN, and Phantom, an award-winning cyber defense solution for the most demanding and secure communications. It is a tremendous honor to take the reins as the CEO of Intelligent Waves, and I look forward to helping the company fulfill its full potential through innovation in the Government’s most demanding and critical areas. Intelligent Waves is at the forefront of innovation in support of real-world mission outcomes, and I am proud to lead such an exceptional organization.” Tony Crescenzo, IW’s CEO Intelligent Waves was founded in 2006 by Jared Shepard. Under his leadership, Intelligent Waves has grown from a two-person team to a thriving, award-winning business with over two hundred employees. Intelligent Waves has received numerous accolades and awards, including ranking as one of Washington Business Journal's 100 largest veteran-owned companies for 2020, ranking as a top company on Inc.'s VET100 List, and ranking among Monster.com and Military.com Rated top 10 Best Company for Veterans Nationwide in 2017, 2018, 2019, and 2020. In addition to serving IW as Chairman of the Board, Jared Shepard spun out his second company in 2021, Hypori Inc. where he serves as the company's President and CEO. Hypori is an award-winning SaaS company providing secure mobility for government and commercial customers. Its innovative solution puts the power and speed of the cloud on any mobile or edge device, enabling remote users to access critical data and apps through a separate, secure workspace. About Intelligent Waves LLC Intelligent Waves LLC is a service-disabled, veteran-owned small business. The firm provides enterprise systems engineering, cloud computing and managed services, cyber and security architecture, mobility, operations, and intelligence analytics.

Read More

Spotlight

Want to grab an inexpensive AMD Ryzen 7, 8 core / 16 thread CPU for a low-cost VMware ESXi 6.5 home lab? We tried it and saw the dreaded VMware Pink Screen of Death. You can read more about the setup here: https://www.servethehome.com/amd-ryze...

Resources