VIRTUAL DESKTOP STRATEGIES
Citrix | June 22, 2022
When it comes to protecting apps and data in the world of hybrid work, zero-trust network access (ZTNA) is the name of the game. And according to the GigaOm Radar for Zero-Trust Network Access, Citrix Systems, Inc.is a Leader and Fast Mover in delivering solutions companies can use to win it.
“Virtual private networks (VPNs) have long been the default method of securing remote access, However, VPNs are limited with respect to the level of control they can provide, as they are unable to take into consideration the context in which legitimate users are accessing resources.”
Chris Ray, Security Researcher, GigaOm
Designed to assist IT organizations in identifying more modern ZTNA solutions that provide greater control, the GigaOm Radar for Zero-Trust Network Access evaluated 12 vendors on the following criteria:
AM & MFA Vendor Integrations
Cloud & SaaS Integrations
Unmanaged Device Support
Legacy Application Support
Session Monitoring Capabilities
Citrix was ranked as a Leader and Fast Mover in all categories, and noted for the extensibility, integration maturity and technical innovation of its ZTNA solutions.
Citrix provides a unified stack of cloud-delivered secure access solutions that give employees the flexibility and choice to work where and how they prefer and IT the visibility and control to ensure they do so in a secure manner.
“When it comes to securing apps and data, there’s more at stake than protecting against threats and vulnerabilities,” said Pankaj Gupta, Senior Director, Product Management, Citrix. “To remain productive and engaged, employees must be able to access the resources they need to get work done in a hassle-free way that is transparent to them.”
With Citrix, they can. Citrix secure access solutions leverage the latest ZTNA technology to secure user access to all corporate applications—web, SaaS, client/server, and desktop as a service (DaaS)—whether they're deployed in public clouds or on-premises datacenters. Unlike traditional VPN and SSO which authenticate at login only, Citrix ZTNA solutions continuously evaluate risk factors throughout each session. When suspicious activity is detected, granular security controls automatically kick and work in the background to change how users are authorized to interact with apps to keep things safe without hampering their experience.
“Citrix’s strategy to combine holistic security with a great user experience is a key differentiator,” Ray notes. Among the other strengths called out within the report:
Completeness of solution
Very strong, well-thought-out features
Unmanaged device support through a remote browser
Robust data loss prevention technologies
Simple, mature integrations with other technologies
“Network and application security has gotten complicated, and we are pleased to be recognized by GigaOm as a leader in delivering solutions that companies can use to simplify it by enacting a modern approach that supports the future of work,” Gupta said.
GigaOm provides technical, operational, and business advice for IT’s strategic digital enterprise and business initiatives. Enterprise business leaders, CIOs, and technology organizations partner with GigaOm for practical, actionable, strategic, and visionary advice for modernizing and transforming their business. GigaOm’s advice empowers enterprises to successfully compete in an increasingly complicated business atmosphere that requires a solid understanding of constantly changing customer demands.
GigaOm works directly with enterprises both inside and outside of the IT organization to apply proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation. Research methodologies include but are not limited to adoption and benchmarking surveys, use cases, interviews, ROI/TCO, market landscapes, strategic trends, and technical benchmarks. Our analysts possess 20+ years of experience advising a spectrum of clients from early adopters to mainstream enterprises.
GigaOm’s perspective is that of the unbiased enterprise practitioner. Through this perspective, GigaOm connects with engaged and loyal subscribers on a deep and meaningful level.
Citrix builds the secure, unified digital workspace technology that helps organizations unlock human potential and deliver a consistent workspace experience wherever work needs to get done. With Citrix, users get a seamless work experience and IT has a unified platform to secure, manage, and monitor diverse technologies in complex cloud environments.
For Citrix Investors:
This release contains forward-looking statements which are made pursuant to the safe harbor provisions of Section 27A of the Securities Act of 1933 and of Section 21E of the Securities Exchange Act of 1934. The forward-looking statements in this release do not constitute guarantees of future performance. Those statements involve a number of factors that could cause actual results to differ materially, including risks associated with the impact of the global economy and uncertainty in the IT spending environment, revenue growth and recognition of revenue, products and services, their development and distribution, product demand and pipeline, economic and competitive factors, the Company's key strategic relationships, acquisition and related integration risks as well as other risks detailed in the Company's filings with the Securities and Exchange Commission. Citrix assumes no obligation to update any forward-looking information contained in this press release or with respect to the announcements described herein. The development, release and timing of any features or functionality described for our products remains at our sole discretion and is subject to change without notice or consultation. The information provided is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making purchasing decisions or incorporated into any contract.
VMware | February 09, 2022
As the most common cloud operating system, Linux is a core part of digital infrastructure and is quickly becoming an attacker’s ticket into a multi-cloud environment. Current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks that target Linux-based workloads.
VMware, Inc. released a threat report titled “Exposing Malware in Linux-based Multi-Cloud Environments.” Key findings that detail how cybercriminals are using malware to target Linux-based operating systems include:
Ransomware is evolving to target Linux host images used to spin workloads in virtualized environments;
89 percent of cryptojacking attacks use XMRig-related libraries; and
More than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly.
Cybercriminals are dramatically expanding their scope and adding malware that targets Linux-based operating systems to their attack toolkit in order to maximize their impact with as little effort as possible. Rather than infecting an endpoint and then navigating to a higher value target, cybercriminals have discovered that compromising a single server can deliver the massive payoff and access they’re looking for. Attackers view both public and private clouds as high-value targets due to the access they provide to critical infrastructure services and confidential data. Unfortunately, current malware countermeasures are mostly focused on addressing Windows-based threats, leaving many public and private cloud deployments vulnerable to attacks on Linux-based operating systems.”
Giovanni Vigna, senior director of threat intelligence at VMware
As malware targeting Linux-based operating systems increases in both volume and complexity amid a rapidly changing threat landscape, organizations must place a greater priority on threat detection. In this report, the VMware Threat Analysis Unit (TAU) analyzed the threats to Linux-based operating systems in multi-cloud environments: ransomware, cryptominers, and remote access tools.
Ransomware Targets the Cloud to Inflict Maximum Damage
As one of the leading breach causes for organizations, a successful ransomware attack on a cloud environment can have devastating consequences.(2) Ransomware attacks against cloud deployments are targeted, and are often combined with data exfiltration, implementing a double-extortion scheme that improves the odds of success. A new development shows that ransomware is evolving to target Linux host images used to spin workloads in virtualized environments. Attackers are now looking for the most valuable assets in cloud environments to inflict the maximum amount of damage to the target. Examples include the Defray777 ransomware family, which encrypted host images on ESXi servers, and the DarkSide ransomware family, which crippled Colonial Pipeline’s networks and caused a nationwide gasoline shortage in the U.S.
Cryptojacking Attacks Use XMRig to Mine Monero
Cybercriminals looking for an instant monetary reward often target cryptocurrencies using one of two approaches. Cybercriminals either include wallet-stealing functionality in malware or they monetize stolen CPU cycles to successfully mine cryptocurrencies in an attack called cryptojacking. Most cryptojacking attacks focus on mining the Monero currency (or XMR) and VMware TAU discovered that 89 percent of cryptominers used XMRig-related libraries. For this reason, when XMRig-specific libraries and modules in Linux binaries are identified, it is likely evidence of malicious cryptomining behavior. VMware TAU also observed that defense evasion is the most commonly used technique by cryptominers. Unfortunately, because cryptojacking attacks do not completely disrupt the operations of cloud environments like ransomware, they are much more difficult to detect.
Cobalt Strike Is Attackers’ Remote Access Tool of Choice
In order to gain control and persist within an environment, attackers look to install an implant on a compromised system that gives them partial control of the machine. Malware, webshells, and Remote Access Tools (RATs) can all be implants used by attackers in a compromised system to allow for remote access. One of the primary implants used by attackers is Cobalt Strike, a commercial penetration testing and red team tool, and its recent variant of Linux-based Vermilion Strike. Since Cobalt Strike is such a ubiquitous threat on Windows, the expansion out to the Linux-based operating system demonstrates the desire of threat actors to use readily available tools that target as many platforms as possible.
VMware TAU discovered more than 14,000 active Cobalt Strike Team Servers on the Internet between February 2020 and November 2021. The total percentage of cracked and leaked Cobalt Strike customer IDs is 56 percent, meaning that more than half of Cobalt Strike users may be cybercriminals, or at least using Cobalt Strike illicitly. The fact that RATs like Cobalt Strike and Vermilion Strike have become a commodity tool for cybercriminals poses a significant threat to enterprises.
“Since we conducted our analysis, even more ransomware families were observed gravitating to malware targeting Linux-based systems, with the potential for additional attacks that could leverage the Log4j vulnerabilities,” said Brian Baskin, manager of threat research at VMware. “The findings in this report can be used to better understand the nature of this malware and mitigate the growing threat that ransomware, cryptomining, and RATs have on multi-cloud environments. As attacks targeting the cloud continue to evolve, organizations should adopt a Zero Trust approach to embed security throughout their infrastructure and systematically address the threat vectors that make up their attack surface.”
The VMware Threat Analysis Unit (TAU) helps protect customers from cyberattacks through innovation and world-class research. TAU is composed of malware analysts, reverse engineers, threat hunters, data scientists, and intelligence analysts at VMware. To understand how to detect and prevent attacks that bypass traditional, file-centric, prevention strategies, TAU focuses on techniques that were once the domain of advanced hackers and are now moving downstream into the commodity attack market. The team leverages real-time big data, event streaming processing, static, dynamic and behavioral analytics, and machine learning.
TAU applied a composition of static and dynamic techniques to characterize various families of malware observed on Linux-based systems based on a curated dataset of metadata associated with Linux binaries. All the samples in this dataset are public and therefore they can be easily accessed using VirusTotal or various websites of major Linux distributions. TAU collected more than 11,000 benign samples from several Linux distributions, namely, Ubuntu, Debian, Mint, Fedora, CentOS, and Kali. TAU then collected a dataset of samples for two classes of threats, namely ransomware and cryptominers. Finally, TAU collected a dataset of malicious ELF binaries from VirusTotal that were used as a test malicious dataset. TAU started collecting the dataset in June 2021 and concluded in November 2021.
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.
Supernatural | December 23, 2021
Supernatural, the leading virtual reality fitness experience, announced that actress, comedian and producer Tiffany Haddish will be its next guest coach. The breakout star will lead workouts in virtual reality as part of Supernatural's second annual This Year, Be You campaign that will kick off on January 1, 2022.
Supernatural is a connected fitness app that uses the power and benefits of virtual reality—through the Meta Quest 2—to provide members with immersive health and wellness experiences. With workouts that integrate both mind and body movement, Supernatural creates an experience that is focused on making fitness fun. Supernatural offers members an industry-leading music library with the most expansive collection of major-label music with more than 1000 songs from the world's biggest artists, and awe-inspiring photoreal workout destinations that make working out a joyful experience.
"I became addicted to Supernatural last year,"
saidTiffany Haddish. "I've never felt so powerful or had so much fun working out. I can travel the world from my living room, move to music I love, and feel like a superhero every day. My mission in life is to spread joy and empower people and, as a Supernatural Guest Coach, I get to spread that goodness in a way that also gets people sweating and smiling as they get a great workout."
Tiffany Haddish will lead Supernatural members through the start of their 2022 fitness journey, encouraging everyone to make a resolution to embrace their true selves this year, all while breaking a sweat and having a great time. Throughout the month of January, she will coach four Supernatural sessions: Boxing, Flow—Supernatural's original cardio workout—guided meditation and a stretch session.
Tiffany is not just a force for joy, she is a force for good, breaking boundaries and expectations with everything she does. With this series, we're proud to have her share her unmatched energy with the Supernatural community through a series of workouts that invite you to take on the most welcoming, positive and joyful new years resolution possible."
Chris Milk, Supernatural Co-Founder and CEO
Haddish has been very open about her own fitness journey, and already has a keen interest in the world of virtual reality. During the COVID-19 pandemic, Haddish started incorporating virtual reality into her workout routine and became hooked on Supernatural, losing over fifty pounds in the process.
Supernatural members will have access to This Year, Be You with Tiffany Haddish starting on New Year's Day. Each Supernatural membership includes access to the full and ever-expanding catalog of integrated fitness offerings plus a curated selection of Supernatural Programs and Collections designed to help members meet individual fitness goals with results that benefit both body and mind. Sign up for a free trial followed by $18.99/month or $179.99/year. Membership automatically begins and renews monthly after the free trial ends. Cancel at any time.
Supernatural launched in April of 2020 as the world's first subscription-based, full-body fitness service for virtual reality. Designed for Meta Quest and paired with your smartphone, Supernatural provides users with expertly coached daily workouts, detailed fitness tracking, an expansive catalog of music and a chance to exercise in the world's most beautiful locations without ever leaving home.
About Tiffany Haddish
Tiffany Haddish is a comedian, actress, and producer who was the breakout star of the smash comedy Girls Trip, where she appeared as the scene-stealing "Dina" alongside Jada Pinkett Smith, Queen Latifah, and Regina Hall. Her additional film and television work includes The Last O.G., Night School, The Carmichael Show, Keanu, and a turn as host of the 2018 MTV Movie and TV Awards. Her debut stand-up special, Tiffany Haddish: She Ready! From the Hood to Hollywood, debuted on Showtime in August 2017. In November 2017, she made history by becoming the first black female stand-up comedian to host Saturday Night Live. She currently lives in Los Angeles.
Netooze | May 10, 2022
The cloud truly levels the playing field, giving large and small companies the ability to store information in remote data centers rather than on-site. And with the rise of the work-from-home initiative, the global cloud computing market is expected to grow from $445 billion in 2021 to $947 billion USD by 2026.
Enter: Netooze, a new vStack and VMware Cloud-Service that lets you configure and deploy virtual servers, configure network circuits, order SSL certificates, and administer domain zones and monitoring.
Like similar offerings from other hyperscalers like AWS, Netooze's service provides access to the entire vStack and VMware stack that runs natively on its infrastructure, giving enterprises a consistent vSphere-based environment.
The use cases for VMware services provided by hyperscalers typically include application modernisation and migration, hybrid-cloud and disaster recovery. These are expected to drive demand for Netooze's Clould service as well.
Enterprises that intend to modernize their workloads on Netooze Cloud can also tap into the full suite of cloud services to infuse their applications with cloud-native capabilities.
"In today's app-driven economy, more enterprises are adopting a hybrid cloud model to accelerate their digital transformation," said Dean Jones, CEO at Netooze.
"Netooze Cloud helps customers modernize applications, infrastructure and operations faster with demonstrable economic benefits and less risk," he added.
Netooze Cloud also expects financial companies to sign up for its VMware service, noting that it will bring its technology know-how, as well as that of VMware, to power the transformation of financial institutions.
With technological advances, the future is set to be highly competitive and agility is the need of the hour
Netooze cloud-benefits include:
One of the lowest priced cloud-servers on the market.
Netooze servers are lightning fast, secure, and simple to set up and operate.
The VM-Servers are built on the newest Intel® Scalable CPUs with a 3.1 GHz clock speed and enable a revolutionary new-level of cloud-computing.
Servers make use of VMware's ESXi hypervisor, as well as DRS and high-availability capabilities.
Servers automatically restore functioning and assign assured server resources in the event of a hardware breakdown.
Netooze is an ideal option for users who provide managed hosting services for web applications or websites in shared environments.
Great tool for tech-savvy start-ups
Works on What-You-See-Is-What-You-Pay model
Has a user-friendly management interface
Time to create a ready-to-run VM is no more than 40-seconds (including VMs with Windows-Server-OS)
99.9% uptime Service Level Agreement (SLA).
Free DNS management for domains
A new era of inclusivity, collaboration, and creativity is on the horizon, and Netooze will play a key role.
Netooze is a cloud service provider of virtual infrastructure rental services, SSL certificates, and free DNS hosting. Construct your cloud architecture with VMware ESXi software which use VMware's ESXi hypervisor, as well as DRS and high-availability capabilities.