VIRTUAL DESKTOP STRATEGIES
Pentera | April 04, 2022
Pentera, the leader in Automated Security Validation (ASV), today announced its Pentera Labs team discovered two zero-day vulnerabilities. If exploited by threat actors, the critical attack path may result in the ability to disable, disrupt and destroy VMware vCenter managed environments in over 500,000 organizations globally.
The vulnerabilities were reported to VMware by Senior Security Researcher Yuval Lazar and released under CVE-2022-22948 and CVE-2021-22015 with a patch. Pentera Labs’ technical review of the vulnerabilities can be found here. Discovered vulnerabilities require immediate patching to prevent malicious actors from achieving remote access to vCenter and inflicting widespread damage on organizations.
Installed in thousands of organizations worldwide and managing some of their most critical asset and core systems, VMware vCenter Servers are a high-priority target for cybercriminals. Once compromised, the ease and convenience that vCenter offers for managing virtualized hosts in enterprise environments will play into the adversary’s hands, providing centralized access and widespread Impact.
“As part of our daily work, we research the entire enterprise IT attack surfaces, including the exploitability of virtual workload environments such as vCenter and ESXi and discovered zero-day vulnerabilities,” said Alex Spivakovsky, VP of Research at Pentera. “We’re glad to have discovered and immediately disclosed these vulnerabilities to strengthen the defender community and have not seen evidence that malicious actors exploited it at this time.”
Pentera’s interest in VMWare’s vCenter started because of previously reported vulnerabilities, increasing demand from customers and threats observed in the wild, most notably recent reports of a python ransomware strain targeting ESXi. The team will continue to identify potential vulnerabilities within the platform that could affect businesses globally.
Security readiness is not determined by a single vulnerability or the security team’s ability to discover and patch it. Our award-winning security validation platform autonomously emulates the entire cyberattack kill chain and provides peace of mind for security leaders facing a multitude of internal and external attacks.”
Pentera co-founder and CTO, Dr. Arik Liberzon
Pentera is the category leader for Automated Security Validation, allowing every organization to easily test the integrity of all cybersecurity layers, unfolding accurate, current security exposures at any moment, at any scale. Thousands of security professionals and service providers worldwide use Pentera to guide remediation and close security gaps before they are exploited.
Cloud Foundry | May 17, 2022
Cloud Foundry Foundation today announced Korifi, the beta release of a new Platform-as-a-Service (PaaS) that eases much of the complexity inherent to Kubernetes, to vastly improve the application deployment experience.
The Kubernetes experience has been complex for operators and developers alike, Korifi harnesses the developer-centric experience of Cloud Foundry to deliver a Cloud Foundry-compatible application platform running on Kubernetes.
"As Kubernetes has matured, our community has built several Cloud Foundry abstractions to reduce Kubernetes complexities," said Chris Clark, program manager of Cloud Foundry Foundation. "The proven Cloud Foundry developer experience already saves organizations millions of dollars by maximizing developer productivity. With Korifi, we're building on a new architecture learned from previous iterations like cf-for-k8s and KubeCF. Korifi brings greater interoperability with cloud-native technologies, bringing the ease and simplicity of the Cloud Foundry app developer experience to Kubernetes."
Korifi's fully open-source code base and community-driven approach ensures that adopters get complete transparency and agility. For system integrators and service providers, Korifi is an avenue to enable a cloud-native transformation for their Cloud Foundry customers and also introduce a new cloud-based product.
"Thousands of developers use Cloud Foundry everyday as an easy, reliable platform to deploy and manage their mission-critical applications. Their teams rely on its stability and automation to support those fleets of developers and applications. We see Korifi as an opportunity to ensure that Cloud Foundry interoperates well with the growing ecosystem of other cloud-native technologies and deployment practices."
Craig McLuckie, chair of the Cloud Foundry governing board and vice president of research and development at VMware.
Cloud Foundry is an open source technology backed by the largest technology companies in the world, including, HCL, Huawei, IBM, SAP, and VMware, and is being used by leaders in manufacturing, telecommunications and financial services. Only Cloud Foundry delivers the velocity needed to continuously deliver apps at the speed of business. Cloud Foundry's container-based architecture runs apps written in any language on a choice of cloud platforms — Amazon Web Services (AWS), Google Cloud Platform (GCP), IBM Cloud, Microsoft Azure, OpenStack, and more. With a robust services ecosystem and simple integration with existing technologies, Cloud Foundry is the modern standard for deploying mission critical apps at global organizations.
About Cloud Foundry Foundation
The Cloud Foundry Foundation is a non-profit open source organization formed to sustain the development, promotion and adoption of Cloud Foundry as the industry standard for delivering the best experience for developers at companies of all sizes. The Foundation projects include Cloud Foundry, Paketo Buildpacks, Korifi, Eirini, BOSH, Open Service Broker API, CredHub, and more. Cloud Foundry makes it faster and easier to build, test, deploy and scale applications, and is used by more than half the Fortune 500, representing nearly $15 trillion in combined revenue.
VIRTUAL SERVER INFRASTRUCTURE
KIOXIA | April 29, 2022
Next week at Dell Technologies World, KIOXIA America, Inc. will be on hand to demonstrate how its innovative solid state drives (SSDs) are accelerating customer application performance and enabling product breakthroughs. From SSDs designed with PCIe ® 5.0 technology that boost power and performance to the industry’s first lineup of Enterprise and Datacenter Standard Form Factor (EDSFF) E3.S SSDs1, best in class drives from KIOXIA are used in a number of Dell product lines.
KIOXIA, the inventor of NAND flash, sits at the forefront of flash storage and SSD innovation. Achievements such as the introduction of 3D flash memory, XL-FLASHTM storage class memory, and new form factors and interfaces underscore the contributions the company has made toward enabling next-gen applications – and transforming the digital world.
“A culture of innovation is the bedrock upon which a company can claim to offer breakthrough solutions – and both Dell and KIOXIA have that in their DNA,” commented Neville Ichhaporia, vice president of SSD marketing and product management, KIOXIA America, Inc. “We are proud to collaborate closely with Dell to push the limits of what’s possible in our new data-centric world.”
Dell Technologies World Breakout Session
On May 3rd at 1:30pm and May 4th at 10am, KIOXIA America and Dell will jointly conduct a session titled, “KIOXIA and Dell: Together on the Forefront of Storage Technology. 2022 – the Year of Breakthrough Storage Technologies.” This session focuses on the bevy of new technologies in the SSD realm that have already been seen this year, as well as those yet to be unveiled. Highlights include 24G SAS (SAS-4) bringing unprecedented speeds to SAS-equipped architectures, PCIe 5.0 technology doubling the performance of PCIe 4.0, and new form factors enabling higher performance and density than ever before.
Additionally, Neville Ichhaporia will be featured in an interview on Dell TV. The breakout session and interview will be available on the KIOXIA Dell Technologies World sponsor page and can also be viewed on the Dell Technologies World website at the conclusion of the show.
KIOXIA has been a Dell strategic supplier for two decades and a Diamond-level Dell Technologies World sponsor for multiple years. KIOXIA products can be found in numerous Dell solutions for laptop/mobile computing, desktop, data center, and enterprise servers/storage.
About KIOXIA America, Inc.
KIOXIA America, Inc. is the U.S.-based subsidiary of KIOXIA Corporation, a leading worldwide supplier of flash memory and solid-state drives (SSDs). From the invention of flash memory to today’s breakthrough BiCS FLASH™ 3D technology, KIOXIA continues to pioneer innovative memory, SSD and software solutions that enrich people's lives and expand society's horizons. The company's innovative 3D flash memory technology, BiCS FLASH, is shaping the future of storage in high-density applications, including advanced smartphones, PCs, SSDs, automotive, and data centers.
VMware | May 23, 2022
Broadcom Inc. is in talks to acquire VMware Inc., the cloud-computing company backed by billionaire Michael Dell, according to people familiar with the matter, setting up a blockbuster tech deal that would vault the chipmaker into a highly specialized area of software.
The discussions are ongoing and there’s no guarantee they will lead to a purchase, said the people, who asked not to be identified because the matter isn’t public. VMware currently has a market valuation of about $40 billion. Assuming a typical premium, the potential deal price would be higher, though the terms under consideration couldn’t be learned.
Shares in VMware rose 15% in premarket trading on Monday, which would give the company a market value of about $46 billion. Broadcom, which has a valuation of about $222 billion, fell 2.4%.
The transaction would extend a run of acquisitions for Broadcom Chief Executive Officer Hock Tan, who has built one of the largest and most diversified companies in the chip industry. Software has been a key focus in recent years, with Broadcom buying CA Technologies in 2018 and Symantec Corp.’s enterprise security business in 2019.
A representative for VMware declined to comment. A representative for Broadcom wasn’t available for comment.
“Investors have been increasingly focused on Broadcom’s appetite for another strategic or platform enterprise software acquisition—especially given the recent compression in software valuation, “ Wells Fargo analysts wrote after Bloomberg News’s report. “An acquisition of VMware would be considered as making strategic sense; consistent with Broadcom’s focus on building out a deepening enterprise infrastructure software strategy.”
Broadcom makes a wide range of electronics, with its products going into everything from the iPhone to industrial equipment. But data centers have become a critical source of growth, and bulking up on software gives the company more ways to target that market.
Broadcom was previously in talks to acquire SAS Institute Inc., a closely held software company valued at $15 billion to $20 billion. But those discussions ended last year without a deal.