Security News

A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. "A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance may be able to obtain a valid authentication token, granting access to the administration API of the appliance," VMware notes in an advisory.

The new licensing makes it more profitable for service providers to design and offer a comprehensive cyber protection services portfolio with little to no upfront costs. With this announcement, the company's current Acronis Cyber Backup Cloud will be extended with cyber protection capabilities - including the company's backup, anti-malware, and protection management - and renamed Acronis Cyber Protect Cloud.

Wi-Fi kit-slinger Ubiquiti has suggested the attacker that accessed some of its cloud-hosted systems in January 2021 may have made off with source code and employee logins, not the customer data it initially warned could be in peril. Ubiquiti has not said when the external experts decided customer data was untouched.

Internal audit's ongoing digital transformation will rapidly accelerate in 2021, with 22% of respondents reporting that they will implement cloud-based technology this year, resulting in a majority of internal audit teams using a cloud-based audit management or GRC software solution for the first time, an AuditBoard survey reveals. "Many internal audit teams that have not yet shifted to a cloud approach are now set to reap the benefits of modernization - including gaining greater bandwidth for strategic, value-add activities - and will be better positioned to protect their organizations from new and emerging risks," said John Reese, AuditBoard's CMO. "They'll also get to equal footing with other functions within their organization who have already made the move to cloud-based solutions."

VMware Cloud is a distributed, multi-cloud platform that enables organizations to accelerate application modernization across the data center, edge, and any cloud. VMware Cloud Universal is ideal for customers committed to a hybrid cloud architecture; that have extended or variable cloud migration timelines; that have cloud bursting requirements; or desire an OPEX model for on-premises infrastructure.

Seagate Technology launched Lyve Data Transfer Services with its fleet of Lyve Mobile data shuttles, arrays, and services, enabling businesses to move mass data quickly, securely, and simply from edge to private, public, or hybrid clouds. In over a thousand businesses surveyed, more than half move data between storage locations daily, weekly, or monthly, and their average total of physical data transferred is 473TB. The faster they can move this data from edge to core to cloud, the more quickly they can unlock insights and derive value from their data.

The study, "Identity and Access Management for the Hybrid Enterprise," conducted by Forrester Consulting for ForgeRock and Google Cloud, also found that the industry has significant opportunities to improve the IAM experience for the majority of hybrid cloud adopters. Nearly 90% of those surveyed are held back from embracing IAM in the cloud because their current IAM offerings lack the stability, scalability or capabilities that their organizations need, according to Forrester.

Sysdig announced the addition of unified cloud and container security with the launch of continuous cloud security posture management. By pairing the Sysdig cloud security capabilities announced today with its container security features, teams can identify the entire attack chain and respond to threats faster.

As the footprint of Arm has grown, so has the demand for CI/CD solutions on Arm. CircleCI is now one of the few platforms to offer cloud-based CI/CD services for the Arm architecture due to its partnership with Amazon Web Services, allowing joint customers to build and test applications compiled for Arm without managing their own systems.

Argus Cyber Security has collaborated with Microsoft Azure IoT and joined the Microsoft partner network to provide vehicle manufacturers the ability to monitor, detect, and mitigate attacks in the cloud. Argus cyber security suite, integrated with Azure IoT for automotive applications, includes Argus Fleet Protection, an Automotive Security Operation Center solution, in-vehicle insights from Argus Connected ECU Protection, and update capabilities with Argus Software Updates Over-the-Air.