VMWARE

CISA recommends VMware, F5 patches. Liquidity mining fraud. Strapi issues patched. TDI clarifies data incident.

CISA | May 20, 2022

CISA recommends VMware patches.
VMware yesterday addressed issues in several of its products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. That these are more significant than the ordinary run of patches can be seen from the way the US Cybersecurity and Infrastructure Security Agency (CISA) has discussed them. Alert (AA22-138B), "Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control," warns that "malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination." The Alert adds, "CISA expects malicious cyber actors to quickly develop a capability to exploit newly released vulnerabilities CVE-2022-22972 and CVE-2022-22973 in the same impacted VMware products. In response, CISA has released Emergency Directive (ED) 22-03 Mitigate VMware Vulnerabilities, which requires emergency action from Federal Civilian Executive Branch agencies to either immediately implement the updates in VMware Security Advisory VMSA-2022-0014 or remove the affected software from their network until the updates can be applied." US Federal civilian agencies have until next Monday to identify and remediate the issues, and they're required to report completion no later than Tuesday. Organizations outside the Federal civilian executive branch are not bound by the directive, but the same two choices apply to them: apply VMSA-2022-0014 or take the affected products off the network until they can.

Fraudulent liquidity mining.
Sophos describes the way the threat of fraudulent liquidity mining is shaping up in decentralized finance systems. "Legitimate liquidity mining exists to make it possible for decentralized finance (DeFi) networks to automatically process digital currency trades," Sophos explains, and criminals are using social engineering to abuse such systems to defraud cryptocurrency investors of their holdings.

More loosely regulated than conventional cryptocurrency exchanges, which use market makers and seek to ensure that sufficient reserves are on hand to back trades, DeFi exchanges use Automated Market Makers (AMMs). Sophos explains that "Smart contracts built into the DeFi network have to rapidly determine the relative value of the currencies being exchanged and execute the trade. Since there is no centralized pool of crypto for these distributed exchanges to pull from to complete trades, they rely on crowdsourcing to provide the pool of cryptocurrency capital required to complete a trade—a liquidity pool." Liquidity pool tokens ("LP tokens") represent the portion of the pool an investor contributed, and they are all the investor holds as evidence of that stake. But an unethical DeFi operator can cancel the tokens (or simply never create a pool to back them in the first place), and this, Sophos observes, offers "ample opportunity for digital Ponzi schemes, fraudulent tokens, and flat-out theft."
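As an added illustration of the mechanics described above (not Sophos's code, and not any real DeFi contract), the JavaScript below models a pool that mints LP tokens pro rata to deposits, prices swaps, and redeems LP tokens against the reserves. The constant-product pricing rule and the privileged adminDrain function are assumptions standing in for "smart contracts determine the relative value" and for an operator cancelling the backing. The point is that the investor's LP token balance is unchanged by the drain, while the backingPerLp check, which is what a would-be investor should look for, drops to zero.

```javascript
// Added illustration of AMM liquidity-pool mechanics; not Sophos's code and
// not any real DeFi contract. The constant-product rule (reserveA * reserveB
// = k) and the privileged adminDrain() are assumptions made for the example.
// Integer arithmetic throughout, as on-chain contracts use.
class Pool {
  constructor() {
    this.reserveA = 0;      // token A held by the pool
    this.reserveB = 0;      // token B held by the pool
    this.lpSupply = 0;      // LP tokens in circulation
    this.lpBalances = {};   // holder -> LP tokens held
  }

  // Deposit both tokens; mint LP tokens pro rata to the deposit.
  addLiquidity(who, amtA, amtB) {
    const minted = this.lpSupply === 0
      ? amtA                                                // first depositor sets the scale
      : Math.floor((amtA * this.lpSupply) / this.reserveA); // share measured on token A
    this.reserveA += amtA;
    this.reserveB += amtB;
    this.lpSupply += minted;
    this.lpBalances[who] = (this.lpBalances[who] || 0) + minted;
    return minted;
  }

  // Trade A for B while keeping reserveA * reserveB constant; the price the
  // trader gets is whatever the current reserves imply.
  swapAForB(amtA) {
    const k = this.reserveA * this.reserveB;
    const newA = this.reserveA + amtA;
    const newB = Math.floor(k / newA);   // rounding favours the pool
    const outB = this.reserveB - newB;
    this.reserveA = newA;
    this.reserveB = newB;
    return outB;
  }

  // Burn LP tokens and pay out the matching share of both reserves.
  removeLiquidity(who, lpAmt) {
    const held = this.lpBalances[who] || 0;
    if (lpAmt > held) throw new Error(`${who} holds only ${held} LP tokens`);
    const outA = Math.floor((this.reserveA * lpAmt) / this.lpSupply);
    const outB = Math.floor((this.reserveB * lpAmt) / this.lpSupply);
    this.reserveA -= outA;
    this.reserveB -= outB;
    this.lpSupply -= lpAmt;
    this.lpBalances[who] = held - lpAmt;
    return [outA, outB];
  }

  // The fraud primitive (assumed for the example): a privileged function that
  // moves the reserves out without burning any LP tokens. Investors still
  // "hold" their tokens; the tokens just no longer redeem for anything.
  adminDrain() {
    const taken = [this.reserveA, this.reserveB];
    this.reserveA = 0;
    this.reserveB = 0;
    return taken;
  }

  // The check an investor wants: what one LP token redeems for right now.
  // [0, 0] while lpSupply > 0 means tokens were issued against no pool.
  backingPerLp() {
    if (this.lpSupply === 0) return [0, 0];
    return [this.reserveA / this.lpSupply, this.reserveB / this.lpSupply];
  }
}

// Operator and investor both deposit, some trading happens, investor redeems.
function honestScenario() {
  const pool = new Pool();
  pool.addLiquidity("operator", 1000, 1000);
  pool.addLiquidity("investor", 1000, 1000);   // investor holds 1000 of 2000 LP
  pool.swapAForB(200);                          // a trade moves the reserves to 2200 / 1818
  return pool.removeLiquidity("investor", 1000);
}

// Same deposits, then the operator drains the reserves: the investor's LP
// balance is unchanged in count but redeems for nothing.
function rugPullScenario() {
  const pool = new Pool();
  pool.addLiquidity("operator", 9000, 9000);
  pool.addLiquidity("investor", 1000, 1000);   // investor holds 1000 of 10000 LP
  pool.adminDrain();
  return { backing: pool.backingPerLp(), redeemed: pool.removeLiquidity("investor", 1000) };
}
```

honestScenario() returns the investor's fair share, [1100, 909] after one swap has moved the reserves, while rugPullScenario() shows tokens that still exist but redeem for nothing. The real-world version of the check is the same: if the contract has a function the investor does not control that can move the reserves, or the LP token supply exceeds what the reserves back, the tokens are a promise rather than a stake.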

CMS vulnerabilities disclosed and patched.
The Synopsys Cybersecurity Research Center (CyRC) has identified two vulnerabilities in Strapi. Strapi is an open-source, JavaScript-based headless content management system (CMS) that lets developers quickly design and build content-rich APIs. Both vulnerabilities let an authenticated user with access to the Strapi admin panel read private and sensitive data belonging to other users, such as email addresses and password reset tokens. The first allows the authenticated user to view private and sensitive data of other admin panel users that have a relationship with content accessible to the authenticated user. The second allows the authenticated user to view private and sensitive data of API users if content types accessible to the authenticated user contain relationships to API users. In both cases the path to the data is a relation: the user is authorized to read the content, and the related user record comes along with it. The vulnerabilities are fixed in newer, updated versions of Strapi, and Synopsys has commended Strapi for its quick response to the discovery.
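The bug class is easy to reproduce in a serializer: one that returns a populated relation verbatim hands every attribute of the related user, secrets included, to whoever can read the parent record. The JavaScript below is an added example, not Strapi's code or Strapi's fix; the schemas, field names and sample records are constructed for the illustration, and the only claim is that private attributes have to be filtered according to the related model's own schema whenever a relation is populated.

```javascript
// Added example of the relation-leak bug class; not Strapi's code or fix.
// Schemas, field names and records below are constructed for illustration.

// Constructed content-type schemas. Attributes flagged `private` must never
// appear in API output, even when the record is reached through a relation.
const schemas = {
  article: {
    attributes: {
      title: { type: "string" },
      author: { type: "relation", target: "adminUser" },
      reviewers: { type: "relation", target: "apiUser" },
    },
  },
  adminUser: {
    attributes: {
      username: { type: "string" },
      email: { type: "email", private: true },
      resetPasswordToken: { type: "string", private: true },
    },
  },
  apiUser: {
    attributes: {
      username: { type: "string" },
      email: { type: "email", private: true },
      resetPasswordToken: { type: "string", private: true },
    },
  },
};

// Vulnerable shape: the populated entity is returned as-is, so related user
// records arrive with every column, including reset tokens.
function serializeUnsafe(entity) {
  return JSON.parse(JSON.stringify(entity));
}

// Hardened shape: walk the entity against its own schema (allow-list), drop
// private attributes, and recurse into relations using the TARGET model's
// schema so related users are filtered by their rules, not the parent's.
function sanitize(entity, modelName) {
  const schema = schemas[modelName];
  if (!schema || entity === null || typeof entity !== "object") return entity;
  const out = {};
  for (const [key, value] of Object.entries(entity)) {
    if (key === "id") { out.id = value; continue; }   // ids are public
    const attr = schema.attributes[key];
    if (!attr) continue;                              // not in schema: drop
    if (attr.private) continue;                       // secret: drop
    if (attr.type === "relation") {
      out[key] = Array.isArray(value)
        ? value.map((v) => sanitize(v, attr.target))
        : sanitize(value, attr.target);
    } else {
      out[key] = value;
    }
  }
  return out;
}

// Constructed sample: an article whose relations carry secrets.
const sampleArticle = {
  id: 7,
  title: "Q2 roadmap",
  author: {
    id: 1, username: "alice", email: "alice@example.test",
    resetPasswordToken: "tok-admin-123",
  },
  reviewers: [
    { id: 9, username: "bob", email: "bob@example.test",
      resetPasswordToken: "tok-api-456" },
  ],
};

// Quick check usable on any response body: does a reset token appear anywhere?
function leaksSecret(obj) {
  return JSON.stringify(obj).includes("resetPasswordToken");
}
```

serializeUnsafe(sampleArticle) leaks both tokens; sanitize(sampleArticle, "article") keeps the usernames and ids and drops the emails and tokens from both the single-valued author relation and the multi-valued reviewers relation. The design point is the recursion with attr.target: filtering only the top-level model is exactly the gap the two Strapi issues exploit.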

Texas Department of Insurance clarifies facts surrounding its data incident.
The Texas Department of Insurance (TDI) has sent around a fact sheet that clarifies a data incident the agency sustained earlier this year: "In January 2022, TDI found the issue was due to a programming code error that allowed internet access to a protected area of the application. TDI promptly disconnected the web application from the internet. After correcting the programming code, TDI placed the web application back online. The forensic investigation could not conclusively rule out that certain information on the web application was accessed outside of TDI. This does not mean all the information was viewed by people outside TDI. Because we couldn't rule out access, we took steps to notify those who may have been affected." While data could have been accessed by unauthorized personnel, TDI has investigated and found that, "There is no evidence to date that there was a misuse of information."

Spotlight

Do you hear that? It’s the sound of a massive wave of change generated by social media, mobile devices, and the growing Internet of Things. This wave is driving the pace of business, pushing companies to accomplish more, in less time, than ever before. The engine of that change is IT. As it increasingly drives business value, IT must deliver resources with unprecedented speed and cost-efficiency. IT made tremendous leaps with server and application virtualization, which delivered exceptional compute efficiency and flexibility. But today, two critical resource silos remain largely untouched: networking and storage. Relics of the past, these infrastructure silos are slow, expensive, and not well suited to the needs of highly dynamic applications being deployed today. Today’s IT leaders need new levels of dexterity – and fixed, purpose-built hardware models simply can’t come through.


Other News
VMWARE

Dialpad Welcomes Prashanti Aduma as Chief Information Officer

Dialpad | January 12, 2022

Dialpad, Inc., the industry leader in AI-powered communication and collaboration, announced the appointment of Prashanti Aduma as the company’s first Chief Information Officer (CIO). With more than 20 years of demonstrated leadership and project management experience at high-growth startups and enterprises, Aduma will play a significant role in advancing the core business systems, data, and security framework in concert with Dialpad’s rapid growth and global scale. Aduma is a transformative leader who brings deep experience in building world-class IT organizations and driving global strategic initiatives to enable next-generation technologies. Aduma joins Dialpad from Salesforce where she served as Senior Director of Enterprise Services. Prior to Salesforce’s acquisition of Vlocity, Aduma served as Vice President of Business Applications at Vlocity and was responsible for the full suite of front and back-office business applications. Aduma has also held leadership positions at Rodan + Fields, SunPower, and VMware where she led the rollout of major IT and engineering initiatives.

“Work as we know it has been forever changed, driving the need for better methods to connect and collaborate. In order to succeed in this new world, businesses need cloud-first, customer-first solutions that can accommodate all forms of communication. As the only truly unified AI-powered enterprise cloud collaboration platform, Dialpad is uniquely positioned to fill this need. I could not be more thrilled to welcome Prashanti Aduma to the Dialpad executive team as we prepare for a tremendous year ahead. She is an insightful leader with a focus on building strong teams and trusted partnerships throughout the organization and with the external community. We have a huge opportunity in front of us and believe when the right people come together — anything is possible,” said Craig Walker, CEO, Dialpad.

As CIO, Aduma will play a critical role in ensuring the company is well-positioned through its rapid global expansion. Aduma will lead the business technology group which focuses on digital transformation, establishing industry standards and securing end-to-end business processes through next-generation technology roadmaps, data-driven analytics, automations, security, mergers and acquisitions. In her role, Aduma will focus on creating an integrated operating model providing A+ customer service across all business functions. Beyond her technical acumen and work experience, Aduma is passionate about mentorship, promoting empathetic leadership, and encouraging youth in STEM education.

“Dialpad has the only AI-powered cloud communications and collaboration platform that spans all modes of contact center, unified communications, distributed meetings, and text and team messaging. I could not be more excited to become a member of the amazing team at this important vector point for the company,” said Prashanti Aduma, Dialpad CIO. “This is the perfect time to embark on the digital transformation journey as we scale globally and get the company ready for the public markets.”

About Dialpad
Dialpad is the global leader in AI communications for business, transforming how the world works together. Dialpad customers benefit from truly unified business and customer communications, including a cloud business phone system, text and team messaging, video meetings, and the world’s most advanced AI-powered contact center — all in one beautiful app. More than 7,000 innovative brands and millions of people use Dialpad to connect their teams from anywhere including Motorola Solutions, Netflix, T-Mobile, Twitter, Uber and WeWork.


VPN

Exidio Launches First-of-Its-Kind Decentralized VPN App for IOS/Android

Exidio | December 16, 2021

Following its initial launch in 2020, Exidio expands its offerings to mobile devices with iOS and Android apps for Exidio and Sentinel: custom, open-source applications running on a peer-to-peer bandwidth network. The apps use a decentralized VPN (dVPN) to encrypt users' traffic and keep their personal information from being shared. While many in Western countries don’t experience the impact of controlling governments, globally people are actively controlled by local and national governments or external groups. Using services like those that Exidio and Sentinel offer can give users the freedom to communicate or manage sensitive information effectively.

Exidio aims to change the landscape of mistrust and obscurity within the VPN industry by creating custom, white-label applications that connect to the Sentinel node network, a decentralized peer-to-peer node network. Exidio states that a user's web traffic and metadata are end-to-end encrypted, that Exidio cannot access the traffic, and that a node host cannot view the web traffic or metadata of a user. Exidio builds open-source applications, so anyone can check its codebase. The Sentinel Ecosystem consists of the Sentinel node network, the dVPN user base, communities of open-source code contributors, and companies integrating the Sentinel node network. Since its inception in 2018, the Sentinel Ecosystem has seen significant growth. By shipping an app version of this tech, Exidio intends to let people access it more easily and integrate it into the communications and processes of a mobile device. Whether participating at a protest or just texting a friend on a sidewalk, this tech is meant to protect people who are at risk of detention or worse, physical abuse and harm, at the hands of controlling groups.

About Exidio
Exidio is the leader in transparent, end-to-end encrypted VPN technology. Exidio builds beautiful applications empowering consumers and businesses to reclaim their digital privacy and security. Leveraging open-source code and decentralized networks, Exidio is bringing a new paradigm of transparency to the VPN space. Customers can download our application to access websites and stream videos from around the world, reclaim their online security and free themselves from third-party surveillance.

About Sentinel
Sentinel is the first scalable framework allowing dVPNs to utilize shared resources, reducing the overall network carbon footprint. The goal of the Sentinel ecosystem is to decentralize the VPN industry and introduce the ‘dVPN’ to the mainstream consumer.


VMWARE

Infoblox's State of Security Report Spotlights Remote Work Hazards around the World

Infoblox | June 01, 2022

Infoblox, the leader in DNS management and security services, today unveils a global report examining the state of security concerns, costs, and remedies. As the pandemic and uneven shutdowns stretch into a third year, organizations are accelerating digital transformation projects to support remote work. Meanwhile, attackers have seized on vulnerabilities in these environments, creating more work and larger budgets for security teams. 1,100 respondents in IT and cybersecurity roles in 11 countries – United States, Mexico, Brazil, United Kingdom, Germany, France, the Netherlands, Spain, United Arab Emirates, Australia, and Singapore – participated in the survey.

Key findings include:

The surge in remote work has changed the corporate landscape significantly – and permanently. 52% of respondents accelerated digital transformation projects, 42% increased customer portal support for remote engagement, 30% moved apps to third party cloud providers, and 26% shuttered physical offices for good. These changes led to the addition of VPNs and firewalls, a mix of corporate and employee-owned devices, and cloud and on-premises DDI servers to manage data traffic across the expanded network.

The hybrid workforce reality is causing greater concerns about data leakage, ransomware and attacks through remote access tools and cloud services. Respondents indicate concerns about their ability to counter increasingly sophisticated cyberattacks with limited control over employees, work-from-home technologies, and vulnerable supply chain partners. The sophistication of state-sponsored malware is also a source of worry for many.

Organizations have good reason to worry: 53% of respondents experienced up to five security incidents that led to at least one breach. Though ransomware often grabs headlines, phishing is the most common conduit for illegal entry. Attacks tended to originate on WiFi access points, employee-owned endpoints, or the cloud. Overall, 43% suffered at least $1 million in direct and indirect losses.

Organizations are buying cloud-first security tools to protect their hybrid environments. 59% of respondents saw bigger budgets in 2021 and nearly 75% anticipate an increase in 2022. They are creating a defense-in-depth strategy using everything from endpoint and network security to cloud access security brokers, DNS security, and threat intelligence services to defend their expanded attack surface.

Network data is taking center stage for threat hunting. 40% mostly relied on network flow data, 39% on system-specific vulnerability information, 39% on DNS queries, and 37% on outside threat intelligence services.

Interest in Secure Access Service Edge (SASE) frameworks is accelerating. As assets, access and security move out of the network core to the edge with the push for virtualization, 53% have already partially or fully implemented SASE and another 28% intend to do so.

"The pandemic shutdowns over the past two years have reshaped how companies around the world operate. Cloud-first networks and corresponding security controls went from nice-to-have features to business mainstays as organizations sent office workers to work from home. To address the spike in cyberattacks, security teams are turning to DNS security and zero trust models like SASE for a more proactive approach to protecting corporate data and remote devices," said Anthony James, VP of Product Marketing at Infoblox.

About Infoblox
Infoblox is the leader in next generation DNS management and security. More than 12,000 customers, including over 70% of the Fortune 500, rely on Infoblox to scale, simplify and secure their hybrid networks to meet the modern challenges of a cloud-first world.


VIRTUAL SERVER INFRASTRUCTURE

VRSim Releases Software Update for Industry-Favored Paint Simulator

VRSim | February 22, 2022

VRSim is pleased to announce an expansive new update for SimSpray, the industry-leading virtual reality painter training program. Update 3.3 introduces more field-specific content, an overhauled and more intuitive user interface, a performance portal complete with progress tracking, and customizable paint and material systems.

Catering to specialized fields are the all-new "industry content packs". These include: Aerospace, Automotive, Building Trades, Furniture & Cabinetry, and Structural. Each industry content pack comes standard with field-specific parts (including vehicles, equipment and/or materials), customized paint and material systems, and a learning curriculum. The upgraded user interface supports new spray gun models, more immersive controls, and impressive supporting resources. SimSpray's intuitive feedback, objective scoring, Paintometer ROI tracking, and high-quality realistic simulations complete the training package.

SimSpray's brand new web-based "Performance Portal" connects instructors with each of their students by tracking individual progression through the training curriculum. It also collects detailed information regarding both individual and group performance to help instructors give targeted feedback.

SimSpray leads the industry in supporting training for spray coating, powder coating, and abrasive blasting applications. Both SimSpray and SimSpray Go offer customized processes and content to best fit the needs of any training program. VRSim offers added custom and/or proprietary part development as an additional upgrade. Visit with VRSim's expert sales team to determine which model is best for your program.

About VRSim
VRSim is a high-demand developer of interactive VR training solutions for skilled trades. VRSim, headquartered in East Hartford, CT, has reimagined industry tradition and developed next-gen training systems for welding, spray painting, construction, manufacturing, and robotics. Their training solutions have been used in programs for high schools, technical colleges, vocational training, and workforce development initiatives. VRSim has partnered with global leaders including the International Union of Painters and Allied Trades, the National Truck Equipment Association, The Boeing Company, Caterpillar, Saint Gobain, and the U.S. Navy.

