Security News

Dell Technologies on Thursday announced new security offerings designed to address threats targeting the supply chain, a device's boot process, and sensitive data. For supply chain security, Dell unveiled SafeSupply Chain solutions.

Dell's Chief Security Officer John Scimone runs a converged security organization, which creates an unusually broad view of security risks. The security team at Dell also holds regular joint strategy and operational planning meetings that include physical and digital security professionals, resilience professionals and business unit security leaders.

Researchers have disclosed details of a recently patched, high-severity Dell PowerEdge server flaw, which if exploited could allow an attacker to fully take over and control server operations. The web vulnerability was found in the Dell EMC iDRAC remote access controller, technology embedded within the latest versions of Dell PowerEdge servers.

Dell Technologies' Global Data Protection Index 2020 Snapshot takes a closer look at the disruptions plaguing organizations around the globe. "Vulnerabilities, if not addressed, can do lasting damage to a company. Businesses must become more resilient, such as implementing air-gapped solutions that are physically disconnected while protecting their data, as cyber criminals continue to seize new opportunities to cause disruptions," said Nelson Hsu, director of data protection solutions marketing at Dell Technologies.

VMware announced the availability of the second generation of VMware Cloud on Dell EMC, a cloud service that combines the simplicity and agility of the public cloud with the security and control of enterprise-grade on-premises infrastructure. "Today's IT teams are under constant pressure to deliver the advantages of a cloud operating model-namely, speed and agility-while still accounting for key security and compliance assurances," said Fidelma Russo, senior vice president and general manager, VMware Cloud on Dell EMC. "VMware Cloud on Dell EMC further enables IT teams to transform the operation, management and protection of their on-premises infrastructure to a cloud model. Organizations can migrate existing VMware-based workloads immediately to this cloud service, eliminating any re-development, re-factoring, or architectural rework and related costs."

Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed 'SafeBIOS Events & Indicators of Attack', the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their computers undergo some unusual changes. Changes to the system BIOS settings could allow malicious software to run during the boot process,.

Dell on Friday announced the launch of Dell SafeBIOS Events & Indicators of Attack, a utility designed to alert IT and security teams about BIOS configuration changes that could be part of a sophisticated attack. Dell SafeBIOS Events & Indicators of Attack is available immediately worldwide for Dell commercial PCs as part of the company's Trusted Device solution.

Within the last 12 months, the total cost of data loss has reached an average of more than $1 million per organization, Dell Technologies found. Despite businesses managing nearly 40% more data than they were a year ago, the majority of professionals said their current data protection solutions aren't good enough.

Eclypsium said on Monday that, despite years of warnings from experts - and examples of rare in-the-wild attacks, such as the NSA's hard drive implant - devices continue to accept unsigned firmware. The infosec biz said a miscreant able to alter the firmware on a system - such as by intercepting or vandalizing firmware downloads, or meddling with a device using malware or as a rogue user - can do so to insert backdoors and spyware undetected, due to the lack of cryptographic checks and validations of the low-level software.

Eclypsium said on Monday that, despite years of warnings from experts - and examples of rare in-the-wild attacks, such as the NSA's hard drive implant - devices continue to accept unsigned firmware. The infosec biz said a miscreant able to alter the firmware on a system - such as by intercepting or vandalizing firmware downloads, or meddling with a device using malware or as a rogue user - can do so to insert backdoors and spyware undetected, due to the lack of cryptographic checks and validations of the low-level software.