Vendor specific news

Vendor announcements


Taking the next step: OSS-Fuzz in 2023

Posted by Oliver Chang, OSS-Fuzz team Since launching in 2016, Google’s free OSS-Fuzz code testing service has helped get over


Detecting credential access without losing cred

Experts from Red Canary, MITRE, and CrowdStrike share detection and testing guidance to keep credentials out of the wrong hands.Red


Password-stealing “vulnerability” reported in KeePass – bug or feature?

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed


Password-stealing “vulnerability” reported in KeePass – bug or feature?

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed


OneNote Documents Increasingly Used to Deliver Malware

Key Findings: The use of Microsoft OneNote documents to deliver malware via email is increasing. Multiple cybercriminal threat actors are


7 Key Takeaways for Financial Services from Recent Research

Although the financial services cybersecurity programs are some of the most mature in the world, cybercriminals continue to find ways


ChatGPT: Is its use of people’s data even legal?

In the world of AI and machine learning, the sudden massive popularity of language learning models is a hot topic.


GitHub code-signing certificates stolen (but will be revoked this week)

There was a breach, so the bad news isn’t great, but the good news isn’t too bad…Naked SecurityRead More


The White House on Quantum Encryption and IoT Labels

A recent White House Fact Sheet outlined the current and future U.S. cybersecurity priorities. While most of the topics covered


Multiple Vulnerabilities Patched in Quick Restaurant Menu Plugin

On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin


Serious Security: MD5 considered harmful – to the tune of $600,000

It’s not just the hashing, by the way. It’s the salting and the stretching, too!Naked SecurityRead More


Book review: How has social media rewired our minds?

With the reinstatement of previously banned Twitter luminaries including Donald Trump and Kathy Griffin, now’s the perfect time to do


Accidentally Crashing a Botnet

As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.BlogRead More


Abuse of Privilege Enabled Long-Term DIB Organization Hack

From November 2021 through January 2022, the Cybersecurity and Infrastructure Security Agency (CISA) responded to an advanced cyberattack on a


Taming Big SAP Data Landscapes

New workload-optimized, six to 16-socket servers deliver performance and scale to support the largest SAP HANA TDI environments.Blog | DellRead


Under the Hood: Dell PowerProtect Data Manager

An overview of the architecture of Dell’s software-defined data protection platform.Blog | DellRead More


Dell Technologies Named CRN’s 2022 Tech Innovator Award Winner

Dell VxRail satellite and dynamic nodes named Winner in the Hyperconverged Infrastructure category.Blog | DellRead More


TikTok “Invisible Challenge” porn malware puts us all at risk

An injury to one is an injury to all. Especially if the other people are part of your social network.Naked


Configuration Probing: Your Backups Might Be Your Greatest Weakness

Configuration files exist to make life easier for developers and website operators. In a world without configuration files, every instance


Getting Personal About Employee IT Needs

Workforce personas help ensure employees have the right technology to be most productive and have a positive user experience.Blog |


Expanding API Security Awareness at API World

API security should be a primary concern for organizations. Learn about the three principles of APIs to help protect against


Pro Bono at Dell: Giving Our Expertise Year-round

How team members can lend their time and talent pro bono to support nonprofits creating meaningful impact around the world.Blog


Wordfence 7.8.0 Is Out! Here Is What Is Included

Wordfence 7.8.0 is out! A huge thanks to our quality assurance team, our team of developers and our ops team


28th November– Threat Intelligence Report

For the latest discoveries in cyber research for the week of 28th November, please download our Threat Intelligence Bulletin. Top


Chrome fixes 8th zero-day of 2022 – check your version now

There isn’t a rhyme to remind you which months have browser zero-days… you just have to keep your eyes and


Voice-scamming site “iSpoof” seized, 100s arrested in massive crackdown

Those numbers or names that pop up when a call comes up? They’re OK as a hint of who’s calling,


S3 Ep110: Spotlight on cyberthreats – an expert speaks [Audio + Text]

Latest episode – security expert John Shier explains what the real-life cybercrime stories in the Sophos Threat Report can teach


Speed up your computer with these 5 quick tips

When you turn on your computer in the morning, do you have enough time to brew a cup of coffee


CryptoRom “pig butchering” scam sites seized, suspects arrested in US

Five tips to keep yourself, and your friends and family, out of the clutches of “chopping block” scammers…Naked SecurityRead More


Security Culture Matters when IT is Decentralized

Decentralization can make enterprises more agile but it also makes IT and network security more complex. Creating a strong security


WannaRen Returns as Life Ransomware, Targets India

This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its


Audience Hijacking ? A Retailer?s Grinch This Holiday Season

Understand the significant threat that audience hijacking poses to customer online buying journeys and retailers? revenue this holiday season.BlogRead More


Looking for love in all the wrong (internet) places

We have seen scams trying to lure guys into relationships for many years. This was so common that back in


Mind the Gap

By Ian Beer, Project Zero Note: The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor,


How to hack an unpatched Exchange server with rogue PowerShell code

Review your servers, your patches and your authentication policies – there’s a proof-of-concept outNaked SecurityRead More


Five Ways to Improve Security Through Modern Endpoint Management

Struggling with an IT-security gap? Learn how modern endpoint management helps strengthen your security profile.Blog | DellRead More


64 x 400GbE: A Faster, Greener Data Center

Data centers are scaling up to accommodate the continuous growth of network traffic.Blog | DellRead More


Demystifying Observability in the SRE Process

Dell IT shares a closer look at observability techniques that can help your organization improve site stability with SRE.Blog |


Wartime Sparks Unpredictable Shifts in DDoS Targeting

DDoS cyberattacks targeting European customers on the Akamai Prolexic platform are increasing worldwide, In response, Akamai unveiled its new DDoS


Manage Akamai Features at the Edge with EdgeWorkers and EdgeKV

EdgeWorkers and EdgeKV lets you set feature flags that tailor content to different website visitors.BlogRead More


Driving our Customers’ Businesses Forward

Dell Technologies is helping customers and partners realize their digital future in any environment.Blog | DellRead More


How social media scammers buy time to steal your 2FA codes

The warning is hosted on a real Facebook page; the phishing uses HTTPS via a real Google server… but the


21st November– Threat Intelligence Report

For the latest discoveries in cyber research for the week of 21st November, please download our Threat Intelligence Bulletin. Top


Secure, Isolate and Recover Critical Data with Google Cloud

Dell expands Google Cloud portfolio with PowerProtect Cyber Recovery vault to recover critical data from cyberattacks.Blog | DellRead More


Bringing Dell Data Services and Software Innovations ​to AWS

Helping organizations bring cloud capabilities to the enterprise and enterprise capabilities to public clouds.Blog | DellRead More


Four Steps: Effective API Security Using a Digital Bonding Strategy

Focus on API security as part of your digital bonding strategy, because APIs are already connecting your business activities.BlogRead More


Moving Sustainability Forward with Dell APEX

Dell APEX, by design, is a significant step forward in embracing Dell’s commitment to the Green Data Center.Blog | DellRead


Managing Your Organization’s Digital Transformation Costs with Dell APEX

Learn how businesses like yours are investing in digital transformation, featuring Forrester research.Blog | DellRead More


Enabling Open Embedded Systems Management on PowerEdge Servers

Simplify and scale IT operations with Open Embedded Systems Management.Blog | DellRead More


Akamai Is Delighted to Partner with Teneo and Bytes Software Services

Akamai?s partnerships with Teneo and Bytes Software Solutions help us to adapt, grow, and innovate in an ever-changing landscape.BlogRead More


Earth Preta Spear-Phishing Governments Worldwide

We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that


S3 Ep109: How one leaked email password could drain your business

Latest episode – listen now! Cybersecurity news plus loads of great advice…Naked SecurityRead More


Black Friday and retail season – watch out for PayPal “money request” scams

Don’t let a keen eye for bargains lead you into risky online behaviour…Naked SecurityRead More


Coming Soon: Backup Target from Dell APEX

Focus on innovation, not infrastructure, with backup storage from Dell APEX.Blog | DellRead More


Simplified Data Protection – the New PowerProtect Data Manager Appliance

Modern and secure multicloud data protection made easy.Blog | DellRead More


Dell Delivers Cyber Recovery Guarantee

Increase confidence in data recovery.Blog | DellRead More


What?s New for Developers: November 2022

Read about the EdgeGrid PHP client update, EdgeWorkers news, the Terraform Provider 3.0 release, and the new Build, Deliver &


How to be a savvy online shopper this holiday season

With the holiday shopping season starting earlier and earlier, you’ve probably already jumped into the world of holiday online shopping


Global Cyber Risk at Elevated Level

North America Least Prepared for CyberattacksTrend Micro Research, News and PerspectivesRead More


Talking Democratization of Citizen Services with Oswaldo Mestre, Jr.

In this episode of TechBeat, AB welcomes Oswaldo Mestre, Jr., Director of Citizen Services and Chief Services Officer for the


Email Security Best Practices for Phishing Prevention

Trend Micro Research reported a 137.6% growth in phishing attacks blocked and detected in 2021. Explore the latest phishing trends


City of Buffalo 311 Receives Global Recognition from Smart City Expo World Congress

In just 48 hours, collaboration between the City of Buffalo, the University of Buffalo, and Cisco enabled the city’s call


Costa Rica State of Emergency Declared After Ransomware Attacks

In late April, after weeks of major ransomware attacks, Costa Rica declared a state of emergency. Newly-elected President Rodrigo Chaves


Firefox fixes fullscreen fakery flaw – get the update now!

What’s so bad about a web page going fullscreen without warning you first?Naked SecurityRead More


The New Face of Hacktivism

For decades, hacktivism has been associated with groups like Anonymous. Recently, though, something has changed. An entirely new kind of


Build the Private 5G Network of Your Dreams

Achieving your business’ 5G connectivity dreams doesn’t have to be a challenge. Dell Technologies Services makes it a simple reality.Blog


SD-WAN Integration: Routing Traffic to Optimize Network Performance

Optimize network performance with SD-WAN integration to automatically route traffic to the nearest Akamai Secure Internet Access point of presence.BlogRead


Pilfered Keys: Free App Infected by Malware Steals Keychain Data

Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused


Dell Technologies Helps Power NASA’s Artemis I to the Moon

Talk about mission critical systems.Blog | DellRead More


Will Cloud-Native Network Security Oust Firewalls?

Security threats have already begun to outpace cloud firewalls. It’s a fact. But organizations exploring new cloud-native solution find themselves


Electricity/Energy Cybersecurity: Trends & Survey Response

Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper


Using AI as an offensive cyber weapon

AI is a double-edged sword. It has enabled the creation of software tools that have helped to automate tasks such


Log4Shell-like code execution hole in popular Backstage dev tool

Researchers at cloud coding security company Oxeye have written up a critical bug that they recently discovered in the popular


Not Just for the Government: Using the NIST Framework to Secure WordPress

When setting up a WordPress website, it is easy to focus on the look and feel of the website, while


Akamai?s Perspective on November?s Patch Tuesday

Every Patch Tuesday stirs up the community. See Akamai’s insights and recommendations on what to focus on, and patch, patch,


Tackle Your Cloud Challenges, One Scenario at a Time

Forrester?s quick start cards cover 18 common issues with cloud migrations and operations, and suggest actions to mitigate each one.BlogRead


Deliver AI at any Scale: Dell/NVIDIA Enterprise Architecture

Deploy and manage the world’s most demanding AI models at any scale with a flexible, modular, enterprise-ready technology stack.Blog |


“Gucci Master” business email scammer Hushpuppi gets 11 years

Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world…Naked SecurityRead More


Innovation by Design

Concept Luna drives revolutionary ideas to inspire the future of sustainable product design.Blog | DellRead More


Catch the AI Wave with Powerful Super Computing Solutions

Dell accelerates AI-driven outcomes.Blog | DellRead More


Speed is Currency in Financial Services

New Dell Validated Design enables financial services to analyze data faster to improve customer experiences and outpace competitors.Blog | DellRead


Shift into High Gear with High Performance Computing

Dell APEX High Performance Computing enables you to focus on innovation, we manage the rest.Blog | DellRead More


14th November– Threat Intelligence Report

For the latest discoveries in cyber research for the week of 14th November, please download our Threat Intelligence Bulletin. Top


Protect Your Data from the Most Sophisticated Cyberthreats

Content-based analysis with advanced machine learning delivers confidence that data can be recovered from sophisticated cyberthreats.Blog | DellRead More


Dangerous SIM-swap lockscreen bypass – update Android now!

A bit like leaving the front door keys under the doormat…Naked SecurityRead More


Accelerated Computing Specialists – ebb3

Learn about Dell’s partnership with ebb3 in delivering technology solutions for architecture, engineering and construction companies.Blog | DellRead More


Kominfo Selects Cisco to Power First-Ever Hybrid G20 Summit in Indonesia

Indonesia’s Ministry of Communication and Information (Kominfo) has selected Cisco to power the first-ever hybrid G20 2022 Summit in Bali,


New phishing campaign posing as Spain’s Tax Agency

There’s a brand new phishing campaign on the run in Spain that poses as the Spanish Tax Agency, Agencia Tributaria.


Improve user security with UX design using these tips

Neglecting user security puts users at risk financially, professionally and even sometimes physically. When it comes to user experience, we


CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS

This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used


Dell PowerEdge Servers – Accelerating Performance with AMD for What’s Next

Looking for world-record performance that requires less space in a data center and that can be air-cooled, look no further.Blog


S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks – listen now!Naked SecurityRead More


Twitter Blue means bad things for the platform’s security

Shortly after acquiring Twitter, Elon Musk announced that Twitter will be launching an $8 monthly subscription that gives users the


KmsdBot: The Attack and Mine Malware

Akamai security research has observed a new malware: a cryptominer with dreams of DDoS functionality. Read about kmdsbot in this


Evolving Digital Experiences at the Edge

The modern application has evolved and shifted to the edge. This inevitable adoption is improving the digital experience for end


Operational Considerations for Open RAN

What are the key operator considerations for deployment of Open RAN.Blog | DellRead More


World Cup 2022: Watch out for scams

In less than two weeks, the largest sporting event in the world will begin: The FIFA World Cup 2022. According


Emergency code execution patch from Apple – but not an 0-day

Not a zero-day, but important enough for a quick-fire patch to one system library…Naked SecurityRead More


4 Types of Cyber Crime Groups

Discover the four main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, and


Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

In all the excitement, we kind of lost count ourselves. Were there six 0-days, or only four?Naked SecurityRead More


Driving Machine Learning Solutions to Success Through Model Interpretability

A data science project’s success or failure can rest on a few key factors. Discover how to increase your chances


Collaboration is Key to a More Secure Future

Deepening the Dell and National Cybersecurity Alliance relationship.Blog | DellRead More


On-Ramping Traffic to a Cloud-Based Secure Web Gateway

Though cloud-based secure web gateways (SWGs) eliminate many problems, it?s important to select the right approach to on-ramping traffic based