Vendor specific news

Vendor announcements

  

Taking the next step: OSS-Fuzz in 2023

Posted by Oliver Chang, OSS-Fuzz team Since launching in 2016, Google’s free OSS-Fuzz code testing service has helped get over

  

Detecting credential access without losing cred

Experts from Red Canary, MITRE, and CrowdStrike share detection and testing guidance to keep credentials out of the wrong hands.Red

  

Password-stealing “vulnerability” reported in KeePass – bug or feature?

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed

  

Password-stealing “vulnerability” reported in KeePass – bug or feature?

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed

  

OneNote Documents Increasingly Used to Deliver Malware

Key Findings: The use of Microsoft OneNote documents to deliver malware via email is increasing. Multiple cybercriminal threat actors are

  

7 Key Takeaways for Financial Services from Recent Research

Although the financial services cybersecurity programs are some of the most mature in the world, cybercriminals continue to find ways

  

ChatGPT: Is its use of people’s data even legal?

In the world of AI and machine learning, the sudden massive popularity of language learning models is a hot topic.

  

GitHub code-signing certificates stolen (but will be revoked this week)

There was a breach, so the bad news isn’t great, but the good news isn’t too bad…Naked SecurityRead More

  

The White House on Quantum Encryption and IoT Labels

A recent White House Fact Sheet outlined the current and future U.S. cybersecurity priorities. While most of the topics covered

  

Multiple Vulnerabilities Patched in Quick Restaurant Menu Plugin

On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin

  

Serious Security: MD5 considered harmful – to the tune of $600,000

It’s not just the hashing, by the way. It’s the salting and the stretching, too!Naked SecurityRead More

  

Book review: How has social media rewired our minds?

With the reinstatement of previously banned Twitter luminaries including Donald Trump and Kathy Griffin, now’s the perfect time to do

  

Accidentally Crashing a Botnet

As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.BlogRead More

  

Abuse of Privilege Enabled Long-Term DIB Organization Hack

From November 2021 through January 2022, the Cybersecurity and Infrastructure Security Agency (CISA) responded to an advanced cyberattack on a

  

Taming Big SAP Data Landscapes

New workload-optimized, six to 16-socket servers deliver performance and scale to support the largest SAP HANA TDI environments.Blog | DellRead

  

Under the Hood: Dell PowerProtect Data Manager

An overview of the architecture of Dell’s software-defined data protection platform.Blog | DellRead More

  

Dell Technologies Named CRN’s 2022 Tech Innovator Award Winner

Dell VxRail satellite and dynamic nodes named Winner in the Hyperconverged Infrastructure category.Blog | DellRead More

  

TikTok “Invisible Challenge” porn malware puts us all at risk

An injury to one is an injury to all. Especially if the other people are part of your social network.Naked

  

Configuration Probing: Your Backups Might Be Your Greatest Weakness

Configuration files exist to make life easier for developers and website operators. In a world without configuration files, every instance

  

Getting Personal About Employee IT Needs

Workforce personas help ensure employees have the right technology to be most productive and have a positive user experience.Blog |

  

Expanding API Security Awareness at API World

API security should be a primary concern for organizations. Learn about the three principles of APIs to help protect against

  

Pro Bono at Dell: Giving Our Expertise Year-round

How team members can lend their time and talent pro bono to support nonprofits creating meaningful impact around the world.Blog

  

Wordfence 7.8.0 Is Out! Here Is What Is Included

Wordfence 7.8.0 is out! A huge thanks to our quality assurance team, our team of developers and our ops team

  

28th November– Threat Intelligence Report

For the latest discoveries in cyber research for the week of 28th November, please download our Threat Intelligence Bulletin. Top

  

Chrome fixes 8th zero-day of 2022 – check your version now

There isn’t a rhyme to remind you which months have browser zero-days… you just have to keep your eyes and

  

Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown

Those numbers or names that pop up when a call comes up? They’re OK as a hint of who’s calling,

  

S3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]

Latest episode – security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach

  

Speed up your computer with these 5 quick tips

When you turn on your computer in the morning, do you have enough time to brew a cup of coffee

  

CryptoRom “pig butchering” scam sites seized, suspects arrested in US

Five tips to keep yourself, and your friends and family, out of the clutches of “chopping block” scammers…Naked SecurityRead More

  

Security Culture Matters when IT is Decentralized

Decentralization can make enterprises more agile but it also makes IT and network security more complex. Creating a strong security

  

WannaRen Returns as Life Ransomware, Targets India

This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its

  

Audience Hijacking ? A Retailer?s Grinch This Holiday Season

Understand the significant threat that audience hijacking poses to customer online buying journeys and retailers? revenue this holiday season.BlogRead More

  

Looking for love in all the wrong (internet) places

We have seen scams trying to lure guys into relationships for many years. This was so common that back in

  

Mind the Gap

By Ian Beer, Project Zero Note: The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor,

  

How to hack an unpatched Exchange server with rogue PowerShell code

Review your servers, your patches and your authentication policies – there’s a proof-of-concept outNaked SecurityRead More

  

Five Ways to Improve Security Through Modern Endpoint Management

Struggling with an IT-security gap? Learn how modern endpoint management helps strengthen your security profile.Blog | DellRead More

  

64 x 400GbE: A Faster, Greener Data Center

Data centers are scaling up to accommodate the continuous growth of network traffic.Blog | DellRead More

  

Demystifying Observability in the SRE Process

Dell IT shares a closer look at observability techniques that can help your organization improve site stability with SRE.Blog |

  

Wartime Sparks Unpredictable Shifts in DDoS Targeting

DDoS cyberattacks targeting European customers on the Akamai Prolexic platform are increasing worldwide, In response, Akamai unveiled its new DDoS

  

Manage Akamai Features at the Edge with EdgeWorkers and EdgeKV

EdgeWorkers and EdgeKV lets you set feature flags that tailor content to different website visitors.BlogRead More

  

Driving our Customers’ Businesses Forward

Dell Technologies is helping customers and partners realize their digital future in any environment.Blog | DellRead More

  

How social media scammers buy time to steal your 2FA codes

The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server… but the

  

21st November– Threat Intelligence Report

For the latest discoveries in cyber research for the week of 21st November, please download our Threat Intelligence Bulletin. Top

  

Secure, Isolate and Recover Critical Data with Google Cloud

Dell expands Google Cloud portfolio with PowerProtect Cyber Recovery vault to recover critical data from cyberattacks.Blog | DellRead More

  

Bringing Dell Data Services and Software Innovations ​to AWS

Helping organizations bring cloud capabilities to the enterprise and enterprise capabilities to public clouds.Blog | DellRead More

  

Four Steps: Effective API Security Using a Digital Bonding Strategy

Focus on API security as part of your digital bonding strategy, because APIs are already connecting your business activities.BlogRead More

  

Moving Sustainability Forward with Dell APEX

Dell APEX, by design, is a significant step forward in embracing Dell’s commitment to the Green Data Center.Blog | DellRead

  

Managing Your Organization’s Digital Transformation Costs with Dell APEX

Learn how businesses like yours are investing in digital transformation, featuring Forrester research.Blog | DellRead More

  

Enabling Open Embedded Systems Management on PowerEdge Servers

Simplify and scale IT operations with Open Embedded Systems Management.Blog | DellRead More

  

Akamai Is Delighted to Partner with Teneo and Bytes Software Services

Akamai?s partnerships with Teneo and Bytes Software Solutions help us to adapt, grow, and innovate in an ever-changing landscape.BlogRead More

  

Earth Preta Spear-Phishing Governments Worldwide

We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that

  

S3 Ep109: How one leaked email password could drain your business

Latest episode – listen now! Cybersecurity news plus loads of great advice…Naked SecurityRead More

  

Black Friday and retail season – watch out for PayPal “money request” scams

Don’t let a keen eye for bargains lead you into risky online behaviour…Naked SecurityRead More

  

Coming Soon: Backup Target from Dell APEX

Focus on innovation, not infrastructure, with backup storage from Dell APEX.Blog | DellRead More

  

Simplified Data Protection – the New PowerProtect Data Manager Appliance

Modern and secure multicloud data protection made easy.Blog | DellRead More

  

Dell Delivers Cyber Recovery Guarantee

Increase confidence in data recovery.Blog | DellRead More

  

What?s New for Developers: November 2022

Read about the EdgeGrid PHP client update, EdgeWorkers news, the Terraform Provider 3.0 release, and the new Build, Deliver &

  

How to be a savvy online shopper this holiday season

With the holiday shopping season starting earlier and earlier, you’ve probably already jumped into the world of holiday online shopping

  

Global Cyber Risk at Elevated Level

North America Least Prepared for CyberattacksTrend Micro Research, News and PerspectivesRead More

  

Talking Democratization of Citizen Services with Oswaldo Mestre, Jr.

In this episode of TechBeat, AB welcomes Oswaldo Mestre, Jr., Director of Citizen Services and Chief Services Officer for the

  

Email Security Best Practices for Phishing Prevention

Trend Micro Research reported a 137.6% growth in phishing attacks blocked and detected in 2021. Explore the latest phishing trends

  

City of Buffalo 311 Receives Global Recognition from Smart City Expo World Congress

In just 48 hours, collaboration between the City of Buffalo, the University of Buffalo, and Cisco enabled the city’s call

  

Costa Rica State of Emergency Declared After Ransomware Attacks

In late April, after weeks of major ransomware attacks, Costa Rica declared a state of emergency. Newly-elected President Rodrigo Chaves

  

Firefox fixes fullscreen fakery flaw – get the update now!

What’s so bad about a web page going fullscreen without warning you first?Naked SecurityRead More

  

The New Face of Hacktivism

For decades, hacktivism has been associated with groups like Anonymous. Recently, though, something has changed. An entirely new kind of

  

Build the Private 5G Network of Your Dreams

Achieving your business’ 5G connectivity dreams doesn’t have to be a challenge. Dell Technologies Services makes it a simple reality.Blog

  

SD-WAN Integration: Routing Traffic to Optimize Network Performance

Optimize network performance with SD-WAN integration to automatically route traffic to the nearest Akamai Secure Internet Access point of presence.BlogRead

  

Pilfered Keys: Free App Infected by Malware Steals Keychain Data

Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused

  

Dell Technologies Helps Power NASA’s Artemis I to the Moon

Talk about mission critical systems.Blog | DellRead More

  

Will Cloud-Native Network Security Oust Firewalls?

Security threats have already begun to outpace cloud firewalls. It’s a fact. But organizations exploring new cloud-native solution find themselves

  

Electricity/Energy Cybersecurity: Trends & Survey Response

Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper

  

Using AI as an offensive cyber weapon

AI is a double-edged sword. It has enabled the creation of software tools that have helped to automate tasks such

  

Log4Shell-like code execution hole in popular Backstage dev tool

Researchers at cloud coding security company Oxeye have written up a critical bug that they recently discovered in the popular

  

Not Just for the Government: Using the NIST Framework to Secure WordPress

When setting up a WordPress website, it is easy to focus on the look and feel of the website, while

  

Akamai?s Perspective on November?s Patch Tuesday

Every Patch Tuesday stirs up the community. See Akamai’s insights and recommendations on what to focus on, and patch, patch,

  

Tackle Your Cloud Challenges, One Scenario at a Time

Forrester?s quick start cards cover 18 common issues with cloud migrations and operations, and suggest actions to mitigate each one.BlogRead

  

Deliver AI at any Scale: Dell/NVIDIA Enterprise Architecture

Deploy and manage the world’s most demanding AI models at any scale with a flexible, modular, enterprise-ready technology stack.Blog |

  

“Gucci Master” business email scammer Hushpuppi gets 11 years

Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world…Naked SecurityRead More

  

Innovation by Design

Concept Luna drives revolutionary ideas to inspire the future of sustainable product design.Blog | DellRead More

  

Catch the AI Wave with Powerful Super Computing Solutions

Dell accelerates AI-driven outcomes.Blog | DellRead More

  

Speed is Currency in Financial Services

New Dell Validated Design enables financial services to analyze data faster to improve customer experiences and outpace competitors.Blog | DellRead

  

Shift into High Gear with High Performance Computing

Dell APEX High Performance Computing enables you to focus on innovation, we manage the rest.Blog | DellRead More

  

14th November– Threat Intelligence Report

For the latest discoveries in cyber research for the week of 14th November, please download our Threat Intelligence Bulletin. Top

  

Protect Your Data from the Most Sophisticated Cyberthreats

Content-based analysis with advanced machine learning delivers confidence that data can be recovered from sophisticated cyberthreats.Blog | DellRead More

  

Dangerous SIM-swap lockscreen bypass – update Android now!

A bit like leaving the front door keys under the doormat…Naked SecurityRead More

  

Accelerated Computing Specialists – ebb3

Learn about Dell’s partnership with ebb3 in delivering technology solutions for architecture, engineering and construction companies.Blog | DellRead More

  

Kominfo Selects Cisco to Power First-Ever Hybrid G20 Summit in Indonesia

Indonesia’s Ministry of Communication and Information (Kominfo) has selected Cisco to power the first-ever hybrid G20 2022 Summit in Bali,

  

New phishing campaign posing as Spain’s Tax Agency

There’s a brand new phishing campaign on the run in Spain that poses as the Spanish Tax Agency, Agencia Tributaria. blog.avast.com

  

Improve user security with UX design using these tips

Neglecting user security puts users at risk financially, professionally and even sometimes physically. When it comes to user experience, we

  

CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS

This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used

  

Dell PowerEdge Servers – Accelerating Performance with AMD for What’s Next

Looking for world-record performance that requires less space in a data center and that can be air-cooled, look no further.Blog

  

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks – listen now!Naked SecurityRead More

  

Twitter Blue means bad things for the platform’s security

Shortly after acquiring Twitter, Elon Musk announced that Twitter will be launching an $8 monthly subscription that gives users the

  

KmsdBot: The Attack and Mine Malware

Akamai security research has observed a new malware: a cryptominer with dreams of DDoS functionality. Read about kmdsbot in this

  

Evolving Digital Experiences at the Edge

The modern application has evolved and shifted to the edge. This inevitable adoption is improving the digital experience for end

  

Operational Considerations for Open RAN

What are the key operator considerations for deployment of Open RAN.Blog | DellRead More

  

World Cup 2022: Watch out for scams

In less than two weeks, the largest sporting event in the world will begin: The FIFA World Cup 2022. According

  

Emergency code execution patch from Apple – but not an 0-day

Not a zero-day, but important enough for a quick-fire patch to one system library…Naked SecurityRead More

  

4 Types of Cyber Crime Groups

Discover the four main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, and

  

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

In all the excitement, we kind of lost count ourselves. Were there six 0-days, or only four?Naked SecurityRead More

  

Driving Machine Learning Solutions to Success Through Model Interpretability

A data science project’s success or failure can rest on a few key factors. Discover how to increase your chances

  

Collaboration is Key to a More Secure Future

Deepening the Dell and National Cybersecurity Alliance relationship.Blog | DellRead More

  

On-Ramping Traffic to a Cloud-Based Secure Web Gateway

Though cloud-based secure web gateways (SWGs) eliminate many problems, it?s important to select the right approach to on-ramping traffic based