Security News > 2021

Akamai observed a 30% increase in internet traffic as the pandemic lockdowns started, and a global shift to remote functionality, which continues today. "Defending enterprise systems is a challenge at the best of times," said Robert Blumofe, chief technology officer at Akamai.

Data access has become more critical for 53% of survey respondents throughout the pandemic as analytics workloads and demands increase significantly, according to a survey conducted by Enterprise Management Associates. The survey found that half of respondents have data in five or more data storage platforms.

NetApp announced the general availability of NetApp Astra, a fully managed application-aware data management service built for Kubernetes workloads. NetApp Astra allows organizations to protect, recover, and move applications deployed on Kubernetes with no software to download, install, manage, or upgrade, thus enabling them to focus on developing and scaling their applications-not on managing infrastructure.

Hewlett Packard Enterprise announced a series of innovation updates to its HPE GreenLake cloud services portfolio, and new capabilities and partnerships designed to dramatically simplify the experience and expand the reach of the HPE GreenLake Cloud Services business. New HPE GreenLake cloud services for virtual machines, containers and bare metal management with scalable, modular entry points specifically tailored for mid-market businesses, starting at 100 VMs, and increasing to 600 VMs. New agreements with ALSO Group, Arrow Electronics, Ingram Micro, Synnex, and Tech Data that expand the market reach for HPE GreenLake Cloud Services by integrating HPE GreenLake in their online marketplaces.

Commentary: Enterprises try their best to secure their data, but running on-premises mail servers arguably doesn't do this. We can have a debate about how soon enterprises should embrace cloud.

To kick off, there's CVE-2021-22987, which scores a 9.9 on the ten-point CVSS scale of severity as it "Allows authenticated users with network access to the Configuration utility, through the BIG-IP management port, or self IP addresses, to execute arbitrary system commands, create or delete files, or disable services." Administrators are advised the flaw allows "Complete system compromise and breakout of Appliance mode." Note that this can only be exploited via the control plane, and it does require an attacker to have a valid login - so a rogue insider or someone using stolen credentials, perhaps. At a mere 9.8 rating, CVE-2021-22986 "Allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services." Complete system compromise is again a possible consequence.

Amazon Web Services announced new Amazon Elastic File System One Zone storage classes that reduce storage costs by 47% compared to existing Amazon EFS storage classes, while delivering the same features and benefits. One Zone storage classes redundantly store data within a single Availability Zone and are ideal for customers who want cost-optimized file storage options for workloads and applications that do not require the level of availability and durability offered by regional Amazon EFS storage classes that redundantly store data across multiple geographically separated AZs.

Denuvo offers its Anti-Cheat solution through this program to publishers and developers whose games are available on PlayStation 5. Denuvo is at the forefront of games security with over 2 billion unique game installs protected across all platforms, and over 1,000 games secured.

Juniper Networks announced a partnership with PBX-Change. PBX-Change will now be able to bring Juniper's innovative Software-Defined Wide Area Network Flexible Service Edge technology to its customers, delivering business quality Unified Communications and business continuity services.

Accedian announced that its cloud-native performance monitoring and analytics platform, Skylight, will include new decryption technology to ensure end-to-end visibility on encrypted network traffic. The technology supports all Transport Layer Security versions, including TLS 1.3, allowing customers to maintain the privacy and security of encryption while still gaining valuable insight into network traffic for performance monitoring and threat detection.